How to Configure SAML 2.0 for Axomo

Contents

• Supported Features
• Configuration Steps
• Notes
• Custom Attributes

---

Supported Features

The Okta/Axomo SAML integration currently supports the following features:

• SP-initiated SSO
• IdP-initiated SSO
• JIT (Just In Time) Provisioning

For more information on the listed features, visit the Okta Glossary.

---

Configuration Steps

1. Sign in to your Axomo account.

2. Go to Admin Panel > User Management > User Settings:

   

3. Scroll down to the ENABLE SINGLE SIGN ON section and enable SAML2 Authentication:

   

4. Enter the following:

   • Application ID: Enter a preferred name.

   • SAML Signing Certificate (base64): Copy and paste the following:

     Sign into the Okta Admin Dashboard to generate this variable.

   • IDP Issuer: Copy and paste the following:

     Sign in to the Okta Admin app to have this variable generated for you.

   • Login URL: Copy and paste the following:

     Sign in to the Okta Admin app to have this variable generated for you.

   • Click OK:

   

5. Still on USER SETTINGS, click Save Changes.

6. In Okta, select the Sign On tab for the Axomo SAML app, then click Edit:

   • Scroll down to CREDENTIALS DETAILS.

   • Application username format: select Email.

   • Click Save

   

7. Done!

---

Notes

• Make sure that you entered the correct value in the Subdomain field under the General tab in Okta. Using the wrong value will prevent you from authenticating via SAML to Axomo.




• The following SAML attributes are supported:

  Name	Value
  firstname	user.firstName
  lastname	user.lastName
  email	user.email

SP-initiated SSO

1. Go to: https://[your-subdomain].axomo.com/.

2. Click Login, then click Sign in with SSO:

---

Custom Attributes

OPTIONAL

By default Okta only sends 3 SAML attributes in the SAML assertion: firstname, lastname, and email. To send the custom attributes customid, follow the steps below:

1. In Okta, select the Sign On tab for the Axomo SAML app, then click Edit.

   • Select Attributes (Optional) and set customid as a Name and appuser.customid as a Value.

   • Click Save:

   

2. Go to Directory > Profile Editor:

   

3. Search for your Axomo app, then click Profile:

   

4. Click Add Attribute, then enter the following:

   • Display Name: Enter customid

   • Variable name: Enter customid

   • Click Save:

   

5. Now, when you assign users to the Axomo SAML app, you can now specify the value of the customid attribute:

   

6. Done!