How to Configure SAML 2.0 for 7Geese
This setup might fail without parameter values that are customized for your organization. Please use the Okta Administrator Dashboard to add an application and view the values that are specific for your organization.
Contents
Supported Features
The Okta/7Geese SAML integration currently supports the following features:
- IdP-initiated SSO
- SP-initiated SSO
- JIT (Just In Time) Provisioning
For more information on the listed features, visit the Okta Glossary.
Configuration Steps
- Login to 7Geese as an administrator and navigate to Organization Settings.
- In section 1, Provider Settings, enter the following information (screen shot at end of step for reference).
- Issuer: Copy and paste the following into this field:
Sign in to the Okta Admin app to generate this variable.
- Metadata URL: Copy and paste the following into this field:
Sign in to the Okta Admin app to have this variable generated for you
- SSO URL: Copy and paste the following into this field:
Sign in to the Okta Admin app to generate this variable
- X.509 Certificate: Copy and paste the following into this field:
Sign into the Okta Admin Dashboard to generate this variable.
- Click Save.
- Scroll down to Section 2, SAML Config on the Organization Settings page and copy and save the following values (screen shot at end of step for reference).
- Audience.
- SSO Service URL (Assertion Consumer Service).
In Okta, select the Sign On tab for the 7Geese app, then click Edit.
Default Relay State: Enter "/".
Scroll down to the ADVANCED SIGN-ON SETTINGS section.
Enter the value you copied from the SSO Service URL (Assertion Consumer Service) field in step 4 into the ACS URL field.
Enter the value you copied from the Audience field in step 4 into the Audience Restriction field.
Click Save.
- Done!
Notes
The following SAML attributes are supported:
Name |
Value |
first_name |
user.firstName |
last_name |
user.lastName |
SP-initiated SSO
Go to https://app.7geese.com/samllogin/.
- Enter your EMAIL address.
- Click Next >>.