How to Configure SAML 2.0 for Thomsons Online Benefits

1. Send an email to the Thomsons Online Benefits support team to request SAML 2.0  access. 

2. Copy the following IDP Metadata into a text file. Save it with the file name metadata.xml. Attach this file to the email message.

   Sign in to Okta Admin app to have this variable generated for you.

3. Download and attach the following x.509 Certificate to the email:
   
   Sign in to the Okta Admin dashboard to generate this value.

4. Thomsons Online Benefits will process your request and provide you with a unique Single Sign-On URL for your account. The URL format is similar to https://ssl.perquisite.net/memberweb/sso/saml2/12345b67-89e0-123c-1234-5fd12345d132.

5. In Okta, in the Thomsons Online Benefits app, select the General tab and enter the Single Sign-On URL, as show below.
   
   

6. Done!

Note: Thomsons Online Benefits supports an IdP-initiated flow only. SP-initiated flows and Just In Time (JIT) provisioning are not supported.