This setup might fail without parameter values that are customized for your organization. Please use the Okta Administrator Dashboard to add an application and view the values that are specific for your organization.
Read this before you enable SAML
Enabling SAML will affect all users who use this application, which means that users will not be able to sign-in through their regular log-in page. They will only be able to access the app through the Okta service.
Cisco Webex Teams does not provide backup log-in URL where users can sign-in using their normal username and password. You can email Cisco Webex support to turn off SAML, if necessary.
The Okta/Cisco Webex Teams SAML integration currently supports the following features:
For more information on the listed features, visit the Okta Glossary.
Login to the Cisco Webex Control Hub at https://admin.webex.com as an administrator
Navigate to Settings > Authentication, then click Modify:
Select Integrate a 3rd-party provider. (Advanced), then click Next:
Click Download Metadata File, then click Next:
Open the downloaded Metadata file in a text editor. Locate and make a copy of the value of entityID:
The value should look like this: https://idbroker.webex.com/1a2b3c...
In Okta, select the Sign On tab for the Cisco Webex Teams app, then click Edit.
Scroll down to the ADVANCED SIGN-ON SETTINGS section.
Organization ID: Enter the last part of the entityID value you just copied from the Metadata file.
For example, if the value for the entityID is: https://idbroker.webex.com/1a2b3c...
Then the value you should enter in the Organization ID field is: 1a2b3c...
Copy and paste the following IDP Metadata into a file and save as metadata.xml (do not use any spaces in the file name).
Sign in to Okta Admin app to have this variable generated for you.
Go back to the Enterprise Settings page. Click file browser to locate and upload the metadata.xml file you've just saved. Check Require certificate signed by a certificate authority in Metadata (more secure), then click Next:
Click Test SSO Connection.
Note: A new browser window will open - make sure that your browser allows for pop-ups.
You should see a Single Sign-on succeeded message in a new browser tab. Close this tab.
Select the The test was successful. Enable Single Sign On. option, then click Save:
The following SAML attributes are supported:
Go to https://teams.webex.com/.
Enter your email address.