The Okta/Synthetix SAML integration currently supports the following features:
For more information on the listed features, visit the Okta Glossary.
Contact your Synthetix Account Manager and request that they enable SAML 2.0 for your account.
Include the following information with your request:
Identity Provider SSO URL: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
Identity Provider Issuer: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
X509 Certificate: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
Your Synthetix Account Manager will process your request and will provide you with Relay State and Organization Identifier values.
In Okta, select the Sign On tab for the Synthetix SAML app, then click Edit.
Enter the Relay State and Organization Identifier value provided to you by Synthetix into the corresponding fields.
Click Save:
Group Attributes: To send groups as a part of the SAML assertion, in Okta, select the Sign On tab for the Synthetix app, then click Edit. (Note: Only groups containing Synthetix in the group name should be sent in the assertion. This is required for operators to properly log in.)
From the groups dropdown menu, select Contains, then type Synthetix into the text field.
Click Save:
Done!
The following SAML attributes are supported:
| Name | Value |
|---|---|
| groups | This is configured in the app UI; see Group attribute instructions (step 5) above. |
For more information, see the Synthetix Permission Group Integration Guide.
Go to https://[company subdomain].synthetix.cloud/#!/login
Click Sign in with Okta:
