How to Configure SAML 2.0 for MobileIron Cloud

Contents

• Supported Features
• Configuration Steps
• Notes

---

Supported Features

The Okta/MobileIron Cloud SAML integration currently supports the following features:

• SP-initiated SSO

---

Configuration Steps

1. Login to MobileIron Cloud as an administrator.

2. Navigate to Admin > Identity.

3. Click the Set Up An Identity Provider button:

   

4. Click the Generate Key button:

   

5. Do the following:

   • Make a copy of the Key and Host values.

   • Download then save the following file as metadata.xml:

     Sign into the Okta Admin dashboard to generate this value.

   • Click Choose File and upload the metadata.xml file you just saved.

   • Click Done.

   

6. In Okta, select the Sign On tab for the MobileIron Cloud app, then click Edit.

   • Enter the Key and Host values you saved earlier into the corresponding fields.

   • Click Save.

   

7. OPTIONAL: To send groups as a part of SAML assertion, in Okta select the Sign On tab for the MobileIron Cloud app, then click Edit.Edit.

   • Select the appropriate filter from the drop-down menu, then type the preferred value into the field.

   • Click Save.

   

8. Done!

---

Notes

The following SAML attributes are supported:

Name	Value
micloud_username	user.userName
micloud_usergroup	This will be configured in the app UI; see Group attribute instructions (step 7) above.

SP-initiated SSO

1. Open the login URL.

2. Enter your Username.

3. Click Sign In.