Enabling SAML will affect all users who use this application, which means that users will not be able to sign in through their regular log in page. They will only be able to access the app through the Okta service.
Contentful does not provide backup log in URL where users can sign in using their normal username and password. You can email Contentful Support to turn off SAML, if necessary.
The Okta/Contentful SAML integration currently supports the following features:
For more information on the listed features, visit the Okta Glossary.
Log in to Contentful as an administrator.
Click on your organization:
Select Organization settings:
Select SSO, then follow the steps below:
ACS (Assertion Consumer Service) URL: Make a copy of the portion marked in red. This is your Organization ID.
SSO provider: Select Okta.
Single Sign-On Redirect URL: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
X.509 Certificate: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
Click Test connection:
Once you get your Connection test successful! message, follow the steps below:
Enter your preferable Sign-in name.
Click Enable SSO:
Still in Contentful, make a copy of your Sign-in name and Bookmarkable Login URL values.
In Okta select the Sign On tab for the Contentful SAML app, then click Edit.
Enter your Organization ID you made a copy of in step 4 into the corresponding field.
Click Save:
Done!
The following SAML attributes are supported:
| Name | Value |
|---|---|
| givenname | user.firstName |
| surname | user.lastName |
| user.userName |
Do one of the following:
EITHER
Enter your Sign-in name you made a copy of in step 6, then click Continue:
OR
Go to the Bookmarkable Login URL you made a copy of in step 6.