How to Configure SAML 2.0 for Slemma

Contents

• Supported Features
• Configuration Steps
• Notes

---

Supported Features

The Okta/Slemma SAML integration currently supports the following features:

• SP-initiated SSO
• IdP-initiated SSO
• JIT (Just In Time) Provisioning

---

Configuration Steps

1. Sign into your Slemma account as an administrator.

2. Navigate to Admin > White label:

   

3. Scroll down to the SSO settings section, then do the following:

   • Use the slider to Enable Single Sign On (SAML 2.0).

   • SAML sign-in URL: Copy and paste the following:

     Sign into the Okta Admin Dashboard to generate this variable.

   • X.509 Certificate: Copy and paste the following:

     Sign into the Okta Admin Dashboard to generate this variable.

   • Acceptable domains separated by a semicolon: List the email domains to be allowed to authenticate via your SAML server, separated by semicolons. Note that Public domains (for example, @gmail.com, @outlook.com, etc.) are not allowed.

   • Click SAVE CHANGES:

   

4. Done!

---

Notes

The following SAML attributes are supported.

Name	Value
FirstName	user.firstName
LastName	user.lastName

For SP-initiated SSO

1. Go to: https://slemma.com/saml-auth.

2. Enter your email.

3. Click Sign in: