The Okta/Northpass SAML integration currently supports the following features:
For more information on the listed features, visit the Okta Glossary.
Login to your Northpass instance as an administrator.
Navigate to Account > Settings:
Make a copy of your School URL, then select Authentication:
Click Edit:
The question Are you sure you want to modify the authentication setup for your school? will appear, click Continue, then enter the following (see screen shot at end of step for reference):
Authentication Type: Select Shared Accounts from the drop down menu.
What type of shared account would you like to use?: Select the Okta and Just SSO options.
What is your identity provider single sign-on url?: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
What is your identity provider issuer?: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
What is your X.509 certificate?: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
Click Save.
In Okta, select the Sign On tab for the Northpass app, then click Edit.
Enter your School URL that you made a copy of in step 3 into the corresponding field.
Click Save.
Optional: To send groups as part of the SAML assertion, still in Okta, select the Sign On tab for the Northpass app, then click Edit.
Select the appropriate filter from the Groups drop down menu, then enter a value (see screen shot).
Click Save.
Done!
The following SAML attributes are supported:
| Name | Value |
|---|---|
| first_name | user.firstName |
| last_name | user.lastName |
| user.email | |
| Groups | This will be configured in the app UI; see Group attribute instructions (step 7) above. |
Go to: https://[your-School-URL].