How to Configure SAML 2.0 for Dynamic Signal

Supported Features

The Okta/Dynamic Signal SAML integration currently supports the following features:

For more information on the listed features, visit the Okta Glossary.

Identity Provider Certificate: Copy and paste the following:

Sign into the Okta Admin Dashboard to generate this variable.

Identity Provider Service URL: Copy and paste the following:

Sign into the Okta Admin dashboard to generate this value.
Service Binding: Select POST.
Logout URL: Copy and paste the following:

Sign into the Okta Admin Dashboard to generate this variable.

Enter SSO config values

Signature Algorithm: Select SHA-256
ID and Email Settings: Select the required value. By default Email Required as User ID is used.
Important: Do not select any option contains External SSO User ID if you have added users in Dynamic Signal manually. This will prevent user login to Dynamic Signal. We recommend using this option for users created using SCIM functionality only.
Attribute Map: Enter the following attribute names:
- Email: Email
- First Name: FirstName
- Last Name: LastName
Click Save:
[OPTIONAL] If you are going to allow your users to login using username/password:
- Navigate to Admin > Registration > Registration settings.
- Select the Email Address option.
Done!

Make sure that you entered the correct value in the Base URL field under the General application tab in Okta. Using the wrong value will prevent you from authenticating via SAML to Dynamic Signal. The Base URL value is equal to the Service Provider Issuer (step 4).
The following SAML attributes are supported:

OPTION A: Email/password authentication allowed.

Open your base URL, click Sign In with SSO

OPTION B: Email/password authentication NOT allowed.

Open your base URL value.