Okta

How to Configure SAML 2.0 for ITProTV


Read this before you enable SAML

Enabling SAML affects all users who use this application, which means that users aren't able to sign-in through their regular sign-in page. They can only access the app through the Okta service.

Backup URL

ITProTV provides the following backup sign-in URL where admins can sign-in using their normal username and password:

https://enterprise.itpro.tv/admin/login

Contents

Supported Features

The Okta/ITProTV SAML integration currently supports the following features:

Configuration Steps

  1. Contact the ITProTV support team (support@support@itpro.tv) and request that they enable SAML 2.0 for your account. Also ask them to provide you with the Slug and Order Item values.

  2. Provide the following Metadata URL with your request:

    Sign into the Okta Admin dashboard to generate this value.

  3. The ITProTV team processes your request and provides you with the Slug value, and also the Order Item or Enterprise Grant Id value. The value provided (Order Item or Enterprise Grant Id) depends on which attribute is used in your system.

  4. In Okta, select the Sign On tab for the ITProTV app, then click Edit.

    • Enter your Slug value that was provided in step 3 by ITProTV into the corresponding field.

    • Click Save.

    itpro1.png

  5. Now add the custom attribute, either orderItem or enterpriseGrantId to the app. Which attribute you use depends on which attribute is used in your system. In Okta, navigate to Applications, and then Profile Editor:

    itpro2.png

  6. Search for your ITProTV app, then click the Profile button.

    itpro3.png

  7. Click Add Attribute, then enter the following information:

    If you are adding the orderItem attribute:

    • Display name: Enter the preferred name (for example, ITProTV Order Item).
    • Variable name: Enter itprotvOrderItem.
    • Click Save.

    If you are adding the enterpriseGrantId attribute:

    • Display name: Enter the preferred name (for example, Enterprise Grant Id).
    • Variable name: Enter enterpriseGrantId.
    • Click Save.

    itpro4.png

    Note: Scope: If you check User personal, the current attribute is available after you assign a single user to the ITProTV app. It is not available after you assign a group to the ITProTV app.

    After you complete the steps above, the following appears if you added the orderItem attribute:

    itpro5.png

    The following appears if you added the enterpriseGrantId attribute:

    itpro6.png

    When you assign users to the ITProTV SAML app, you must now specify a value for the orderItem attribute:

    itpro7.png

    Or, specify a value for the enterpriseGrantId attribute:

    itpro8.png

  8. Done!

Notes

The following SAML attributes are supported:

SP-initiated SSO

Open the following URL: https://enterprise.itpro.tv/[yourSlug]/login.

Where: [yourSlug] is the Slug value provided in step 3.