How to Configure SAML 2.0 for MyWorkDrive

Contents

• Supported Features
• Configuration Steps
• Notes

---

Supported Features

The Okta/HubSpot SAML integration currently supports the following features:

• IdP-initiated SSO
• SP-initiated SSO
• SP-initiated Single Logout

For more information on the listed features, visit the Okta Glossary.

---

Configuration Steps

1. Open the saml.config located here: C:\Wanpath\WanPath.Data\Settings.

   Uncomment the <PartnerIdentityProvider> entry for Okta.

   Note: Refer to the MyWorkDrive Server Configuration section in the MyWorkDrive-Okta-SAML-IntegrationGuide instructions. For any questions, contact the MyWorkDrive Support team at support@wanpath.com.

2. You'll need the following values:

   • PartnerIdentityProvider Name: Copy and paste the following:

     Sign into the Okta Admin Dashboard to generate this variable.

   • SingleSignOnServiceUrl: Copy and paste the following:

     Sign into the Okta Admin Dashboard to generate this variable.

   • SingleLogoutServiceUrl: Copy and paste the following:

     Sign into the Okta Admin Dashboard to generate this variable.

   • PartnerCertificateFile: Save the following file as okta.cer and place it into C:\Wanpath\WanPath.Data\Settings\Certificate:

     Sign into the Okta Admin Dashboard to generate this variable.

3. The Okta identity provider configuration section should be similar to the following saml.conf:

   <!-- Okta -->
   <PartnerIdentityProvider Name="http://www.okta.com/exxxxxdasDbO3SoOGQ355"
    Description="Okta"
   SignAuthnRequest="true"
    SignLogoutRequest="true"
    SignLogoutResponse="true"
    WantLogoutRequestSigned="true"
    WantLogoutResponseSigned="true"
   
   SingleSignOnServiceUrl="https://yourcompany.okta.com/app/myworkdrive/exxxxxdasDbO3SoOGQ355/sso/saml"
   
   SingleLogoutServiceUrl="https://yourcompany.okta.com/app/myworkdrive/exxxxxdasDbO3SoOGQ355/slo/saml"
    PartnerCertificateFile="C:\wanpath\WanPath.Data\Settings\Certificates\okta.cer"/>
   
   

4. OPTIONAL: In Okta, select the Sign On tab for the MyWorkDrive SAML app, then click Edit.

   • Check Enable Single Logout.

   • Save your own SSL certificate and then upload it to Signature Certificate field.

     Note: Your own SSL certificate is one of the following 3 types:

     1. (Recommended) Public certificate specifically for SAML installed on the MyWorkDrive Server. For example: https://saml.yourdomain.com.

     2. The same public certificate used for your MyWorkDrive server web address. For example: https://share.yourdomain.com.

     3. Your own Self Signed SSL Certificate that you generate using IIS Administrator.

   • Click Save:

   

5. Done!

---

Notes

Make sure that you entered the correct value in the BaseURL field under the General tab in Okta. Using the wrong value will prevent you from authenticating via SAML to MyWorkDrive.

SP-initiated SSO

1. Go to https://mwdserver.yourdomain.com/Account/Login-SAML.aspx URL

2. Click SSO to the identity Provider: