Okta

How to Configure SAML 2.0 for Cobalt


Read this before you enable SAML

Enabling SAML will affect all users who use this application, which means that users will not be able to sign in through their regular sign-in page. They will be able to access the app through the Okta service.

Backup URL

Cobalt doesn't provide a backup sign-in URL where users can sign in using their regular username and password. You can contact Cobalt Support (support@cobalt.io) to turn off SAML, if necessary.

Contents


Supported Features

The Okta/Cobalt SAML integration currently supports the following features:

For more information on the listed features, visit the Okta Glossary.


Configuration Steps

  1. Login to Cobalt.

  2. On the navigation panel select Settings, then select the Identity & Access tab and click Enable for SAML 2.0.

  3. Enter the following:

    • IdP Issuer URL: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • IdP Target URL: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • IdP Certificate: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.
    • Click Save.

  4. Still on the Settings page, make a copy of your IdP RelayState value marked in red below:

    Cobalt Settings page, copy your IdP RelayState value

  5. In Okta, select the Sign On tab for the Cobalt SAML app, then click Edit:

    • Default Relay State: Enter your IdP RelayState (step 4).

    • Click Save:

    in Okta, Sign On tab, enter IdP RelayState value from Cobalt

  6. Done!


Notes

The following SAML attributes are supported: