How to Configure SAML 2.0

Some of the following fields are required to configure SAML 2.0, but not all. Provide the information requested either in the site for the app for which you are configuring SAML, or an email to support, if that is what the app provider requests.

Note: Some of the terminology can vary among apps. For example, some apps refer to the Sign Out URL as the Identity Provider HTTP POST URL. You might have to look at the sample data provided by an app to determine which field to use.

1. IDP Metadata:
   

   Sign in to Okta Admin app to have this variable generated for you.

2.   IDP Issuer/Entity ID:Sign into the Okta Admin Dashboard to generate this variable.
3. x.509 Certificate. Please use one of the following certificate formats, as requested by the app provider:
• x.509 Certificate to download and upload in .cert Format:Sign into the Okta Admin Dashboard to generate this variable.
• x.509 Certificate to cut and paste in Text Format:

  Sign into the Okta Admin Dashboard to generate this variable.

• x509 Certificate to cut and paste in PEM Text Format:

  Sign into the Okta Admin Dashboard to generate this variable.

• x509 Certificate SHA1 Fingerprint to cut and paste:Sign into the Okta Admin Dashboard to generate this variable.
• x509 Certificate SHA256 Fingerprint to cut and paste:Sign into the Okta Admin Dashboard to generate this variable.
4. Login URL/SignOn URL:Sign into the Okta Admin Dashboard to generate this variable.
5. Logout URL/SignOut URL:Sign into the Okta Admin Dashboard to generate this variable.