How to Configure SAML 2.0 for Kapost

Contents

• Supported Features
• Configuration Steps
• Notes

---

Supported Features

The Okta/Kapost SAML integration currently supports the following features:

• IdP-initiated SSO
• SP-initiated SSO
• JIT (Just In Time) Provisioning

For more information on the listed features, visit the Okta Glossary.

---

Configuration Steps

1. Login to Kapost as an administrator, then go to Settings > Single Sign On.

2. Check Enable Sign Sign-On.

3. Make a copy of the values from the SAML Consumer URL and SAML Metadata URL fields.

   

4. In Okta, select the Sign On tab for the Kapost app, then click Edit:

   • Enter the values you just saved into the corresponding fields.

   • Click Save:

   

5. In Kapost SSO Settings section, enter the following:

   • SAML 2.0 Endpoint (HTTP): Copy and paste the following Login URL/SignOn URL:

     Sign into the Okta Admin Dashboard to generate this variable.

   • X.509 Certificate: Use the dropdown menu and select X.509 Certificate, then copy and paste the following:

     Sign into the Okta Admin Dashboard to generate this variable.

   • First/Last Name Attribute: Enter First Name and Last Name attributes:

   • Logout URL: Copy and paste the following:

     Sign into the Okta Admin Dashboard to generate this variable.

   

6. Done!

---

Notes

The following SAML attributes are supported:

Name	Value
First Name Attribute	user.firstName
Last Name Attribute	user.lastName

SP-initiated SSO

1. Go to the SAML Consumer URL.

2. Click Sign in with SSO: