The Okta/DigiCert SAML integration currently supports the following features:
1. Log in to DigiCert as an administrator.
2. Navigate to SETTINGS > Single Sign-on.
3. Click Edit Federation Settings.
4. In the Federation Settings section, enter the following:
   - Under How will you send data from your IDP?: Select Use a dynamic URL and enter the following metadata URL:
     Sign in to the Okta Admin dashboard to generate this value.
   - Under How will you identify a user?: Select either NameID or Use a SAML attribute. If you select Use a SAML attribute, you must enter an email value.
     Note: The email attribute is mapped to the Email user field in Okta. Use the NameID option if you have a custom DigiCert nameid value.
   - Federation Name: The federation name must be unique. We recommend that you use your company name.
   - Click Save and Finish.
5. The Single Sign-on (SSO) page opens. Save the SP Initiated Custom SSO URL value; you will need this URL for the SP-initiated flow.
6. Done!
The following SAML attribute is supported:
Name | Value |
---|---|
user.email |
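To confirm which identifier Okta actually sends for the How will you identify a user? setting, the following added example (not part of the Okta or DigiCert documentation) reads a base64-encoded SAMLResponse captured from a test login and returns either the NameID or the SAML attribute value. The attribute name `email`, the sample response, and the function name `identify_user` are assumptions made for illustration.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample response (unsigned, illustration only).
SAMPLE_XML = (
    '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><saml:Assertion>'
    "<saml:Subject><saml:NameID>jdoe</saml:NameID></saml:Subject>"
    '<saml:AttributeStatement><saml:Attribute Name="email">'
    "<saml:AttributeValue>jdoe@example.com</saml:AttributeValue>"
    "</saml:Attribute></saml:AttributeStatement>"
    "</saml:Assertion></samlp:Response>"
)
SAMPLE_B64 = base64.b64encode(SAMPLE_XML.encode()).decode()


def identify_user(saml_response_b64, mode="nameid", attr_name="email"):
    """Return the single identifier found for the chosen mode.

    Inspection aid only: no signature or condition checks are done, so the
    result must never be used to make an authentication decision.
    """
    xml_bytes = base64.b64decode(saml_response_b64, validate=True)
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("DTD or entity declaration found in SAML response")
    assertions = ET.fromstring(xml_bytes).findall(".//saml:Assertion", NS)
    if len(assertions) != 1:
        raise ValueError(f"expected 1 Assertion, found {len(assertions)}")
    if mode == "nameid":
        nodes = assertions[0].findall("saml:Subject/saml:NameID", NS)
    elif mode == "attribute":
        attrs = assertions[0].findall("saml:AttributeStatement/saml:Attribute", NS)
        nodes = [v for a in attrs if a.get("Name") == attr_name
                 for v in a.findall("saml:AttributeValue", NS)]
    else:
        raise ValueError("mode must be 'nameid' or 'attribute'")
    values = [n.text.strip() for n in nodes if n.text and n.text.strip()]
    if len(values) != 1:
        # Zero or several values make the user mapping ambiguous.
        raise ValueError(f"expected 1 value for {mode}, found {len(values)}")
    return values[0]


if __name__ == "__main__":
    print(identify_user(SAMPLE_B64, "nameid"))
    print(identify_user(SAMPLE_B64, "attribute"))
```

A response that lacks the expected attribute, or carries it more than once, raises `ValueError` instead of returning a guess.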
Open the SP Initiated Custom SSO URL (step 5).