The Okta/Nimeyo SAML integration currently supports the following features:
Sign into the Okta Admin Dashboard to generate this variable.
The Regex rule with the value ".*" in order to send *all* Okta groups to the Nimeyo qPod instance we used in our example shown below.
Done!
Make sure that you entered the correct value in the subdomain field under the General tab in Okta. Using the wrong value will prevent you from authenticating via SAML to Nimeyo.
The following SAML attributes are supported:
Okta sends the following default attributes as part of the SAML assertion:
Name | Value |
---|---|
userName | user.userName |
user.userName | |
firstName | user.firstName |
lastName | user.lastName |
groups | This will be configured in the app UI; see groups attribute instructions above. |
In addition to the default attributes, Okta supports the following custom attributes:
Name | Value |
---|---|
title | appuser.title |
displayName | appuser.displayName |
city | appuser.city |
state | appuser.state |
countryCode | appuser.countryCode |
organization | appuser.organization |
division | appuser.division |
department | appuser.department |
Here is an example describing how to add and use the additional organization attribute:
In Okta, navigate to Directory > Profile Editor.
Search for the Nimeyo qPod app, then click Profile:
Click Add Attribute, then enter the following:
Display Name: Enter a preferred attribute name. In our example, we used Organization.
Variable Name: organization.
Important: In our example we are adding the organization attribute. You must use the following variables names for the custom attributes: title, displayName, city, state, countryCode, organization, division, department.
Click either Add Attribute or Save, and Add Another.
Note: Scope (optional): If you check User personal, it means that the current attribute will be available once you assign the user to the Nimeyo qPod application and will not be available once you assign the group to the app.
Click Map Attributes:
Select the Okta to Nimeyo qPod tab.
Start typing the required attribute from the Okta Base User profile (or use the drop down list) and select the attributes you want to map.
In our example, we have selected the Organization< attribute, then use the green arrows (Apply mapping on user create and update).
Click Save Mappings:
Click Apply Updates Now:
Okta will now pass the company attribute with the value of the Organization field from the Okta Base User Profile.
Go to your login URL.
Scroll down to the Login through an external provider section.
Select Login using Okta: