The Okta/Docebo SAML integration currently supports the following features:
Generate your service provider certificate (Private Key File (PEM) and Certificate file (CRT)).
The following examples use the openssl tool:
Log in to Docebo with your administrator credentials.
Navigate to APPS and Features > Single Sign On.
Click on the Settings button for OKTA.
Enter the following values in the OKTA - Settings screen (see screen shot at end of step for reference):
External key: Copy and paste the following:
Sign in to the Okta Admin app to have this variable generated for you.
Select CHOOSE FILE to upload the Private Key file (PEM) and Certificate file (CRT) you generated in step 1.
XML Metadata: Copy and paste the following:
Sign into the Okta Admin dashboard to generate this value.
Username Attribute: Enter username.
To enable SP-initiated flow (SSO behavior):
Select Show standard login page, then Show SSO button on login page (case 1).
Or you can just select Automatic redirect to identity provider (case 2).
To enable user provisioning:
Select Enable.
Select If user exists, update information.
Add the following fields: E-mail, First name, Last name.
Enter the following Attribute statement values for the fields: email, firstName, lastName.
Select SAVE CHANGES.
Done!
The following SAML attributes are supported:
| Name | Value |
|---|---|
| firstName | user.firstName |
| lastName | user.lastName |
| user.userName | |
| username | user.userName |
Case 1:
Open your login page.
Click the SSO button.
Case 2:
Open your login page.