How to Configure SAML 2.0 for 7Geese

Contents

• Supported Features
• Configuration Steps
• Notes

---

Supported Features

The Okta/7Geese SAML integration currently supports the following features:

• IdP-initiated SSO
• SP-initiated SSO
• JIT (Just In Time) Provisioning

For more information on the listed features, visit the Okta Glossary.

---

Configuration Steps

1. Login to 7Geese as an administrator and navigate to Organization Settings.
2. In section 1, Provider Settings, enter the following information (screen shot at end of step for reference).
   
   • Issuer: Copy and paste the following into this field:

     Sign in to the Okta Admin app to generate this variable.

   • Metadata URL: Copy and paste the following into this field:

     Sign in to the Okta Admin app to have this variable generated for you

   • SSO URL: Copy and paste the following into this field:

     Sign in to the Okta Admin app to generate this variable

   • X.509 Certificate: Copy and paste the following into this field:

     Sign into the Okta Admin Dashboard to generate this variable.

   

3. Click Save.
4. Scroll down to Section 2, SAML Config on the Organization Settings page and copy and save the following values (screen shot at end of step for reference).
   • Audience.
   • SSO Service URL (Assertion Consumer Service).

   

5. In Okta, select the Sign On tab for the 7Geese app, then click Edit.

   • Default Relay State: Enter "/".

     

   • Scroll down to the ADVANCED SIGN-ON SETTINGS section.

   • Enter the value you copied from the SSO Service URL (Assertion Consumer Service) field in step 4 into the ACS URL field.

   • Enter the value you copied from the Audience field in step 4 into the Audience Restriction field.

   

   • Click Save.

6. Done!

---

Notes

The following SAML attributes are supported:

Name	Value
first_name	user.firstName
last_name	user.lastName

SP-initiated SSO

1. Go to https://app.7geese.com/samllogin/.

2. Enter your EMAIL address.
3. Click Next >>.