Okta

How to Configure SAML 2.0 for HighBond

Contents

Supported Features

The Okta/HighBond SAML integration currently supports the following features:

  • SP-initiated SSO
  • IdP-initiated SSO
  • JIT (Just In Time) Provisioning

For more information on the listed features, visit the Okta Glossary.

Configuration Steps

  1. Login to your ACL account as an administrator.

  2. Click on the Options drop down, then select Organization:

    highbond1.png

  3. In the Single Sign-On (SSO) Provider section, select Manage SSO Settings:

    highbond4.png

  4. Follow the steps below:

    • Custom Domain: Make a copy of this value.

    • Entity ID: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • Metadata URL: Copy and paste the following:

      Sign into the Okta Admin dashboard to generate this value.

    • Redirect Login URL: Copy and paste the following:

      Sign in to the Okta Admin app to generate this variable.

    • Logout URL: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • Security Certificate Fingerprint: Copy and paste the following:

      Sign into the Okta Admin dashboard to generate this value.

    • Fingerprint Algorithm: Select SHA256.
    • Check the Enable Single Sign-On (SSO) box.
    • Click Save changes.

    acl_new_b.png

  5. In Okta, select the Sign On tab for the ACL GRC SAML app, then click Edit:

    • Enter the Custom Domain value you made a copy of in step 3 into the corresponding field.

    • Click Save.

    acl_new_c.png

  6. Done!

Notes

The following SAML attributes are supported:

    Name Value
    name user.firstName user.lastName

SP-initiated SSO

  1. Go to https://accounts.highbond.com/login

  2. Click Sign in to a custom domain:

    3. highbond2.png

  3. Enter your custom domain, then click CONTINUE:

    4. highbond3.png