Okta

How to Configure SAML 2.0 for UniversitySite

  1. Copy and save the following certificate as universitysite.cer:

    -----BEGIN CERTIFICATE-----
MIIC+zCCAeOgAwIBAgIQmFxxCySzfqxG3aymA+OwMTANBgkqhkiG9w0BAQsFADAU
MRIwEAYDVQQDEwlqdGVzdC5jb20wHhcNMTcwODAyMjEwOTI5WhcNMzkxMjMxMjM1
OTU5WjAUMRIwEAYDVQQDEwlqdGVzdC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6Y7pFXtdugMwSPvT2u4ec2+QntGmon6hoWhYNKyaIlIufl3rk
bXIREASxVmMOhwk4dLs611IDW6ttaUiiF4FEhnzdTtSgN2xBRnIyhDk8PUp5GVEP
luxi9+z6htZ3+DNgGFwwxMAz4VnFAU39jrjGxcwlFIhH/ODuFSAFyK7PMYjzQX+U
UKDkklGqCXFPKOnrHDesbYVu4tGyjSSTPo09skvIK9z7AdpdgWBWB337i6P7UWQh
uNDWUOpmB43NpKIIjdJZRmFtqy+pU7aaucme98AeWr/v4NU0pc2KfjPcdI41wX78
5Z+KJGWMIj9ZdJxP9DUDvHFSt4j4JGLAE6+9AgMBAAGjSTBHMEUGA1UdAQQ+MDyA
EOEDHUeY3gHpH9MBRuqI2RuhFjAUMRIwEAYDVQQDEwlqdGVzdC5jb22CEJhccQsk
s36sRt2spgPjsDEwDQYJKoZIhvcNAQELBQADggEBAJ4NSwMxmGINQb0iYgKr2Hbv
BNKIbVhr3qSkNiCt4cvo48OKtg6Wm9mwiRJigO1GdF7X2atMDO35DiniVynLnb0p
Q9cGpJRwjCzC+cQmMZgojhBBWRJGcsTk5CtJGAXfUO2C6qGLIfRyff3+rdMWnDlA
v9ycfDNi3EXeq3fIYe9iRYs+Mhn0Vc/Ct8/Pek/3H5IaGljFI0PVnheJC1Jfefvq
yJVjbgYh+fdl0zw3TElVO/+UukUrYEkXBY5haTPxu6O/9+o6jMnxBZ5fXBTnihIA
gV58nDScO8jsU3UDMHia8GKFEbSOkSZ18xt5nvLPTxqRCa4U7oNN6lGKokyu8Ac=
-----END CERTIFICATE-----

  2. In Okta, select the Sign On tab for the UniversitySite app, then click Edit.

    • Check Enable Single Logout.

    • Signature Certificate and Encryption Certificate: Click Browse to locate the universitysite.cer certificate you saved in step 1, then click Upload to upload it to Okta (both certificates).

    • Click Save.

    usite1.png

  3. Sign in to UniversitySite.

  4. Click on the left-most drop-down menu at the top of the page, then click InstructorSite, then do the following:

    • Click on your name in the top-right corner of the page, then select Global Settings from the drop-down menu.

    • Select Users.

    • Click the Login Settings link.

    usite2.png

  5. On the Login Settings page, enter the following:

    • Type: Select the Use SAML (OKTA, OneLogin, SecureAuth, etc) option.

    • Subdomain: Enter your subdomain (the UniversitySite support team will provide you with this value).

    • SAML ID Provider URL: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • SAML SSO URL: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • SAML SLO URL: Copy and paste the following:

      Sign into the Okta Admin dashboard to generate this value.

    • SAML ID Provider's Cert: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • Click Save Settings.

    usite3.png

  6. Done!


Notes:

IdP-initiated flows, SP-initiated flows, and SP-initiated Single Logout (SLO) are supported.

Just In Time (JIT) provisioning is not supported.


For SP-initiated Flows

Open the following URL: https://[subDomain].universitysite.com/UniversitySite[subDomain]/.

For example, if your Subdomain is Acme, then open: https://acme.universitysite.com/UniversitySiteAcme/ URL.