Okta

How to Configure SAML 2.0 for Templafy


Read this before you enable SAML

Contents


Supported Features

The Okta/Templafy SAML integration currently supports the following features:


Configuration Steps

  1. Contact the Templafy Support team at support@templafy.com and request that they enable SAML 2.0 for your organization.

  2. Provide the following Metadata URL with your request:

    Sign into the Okta Admin dashboard to generate this value.

  3. OPTIONAL: If you want pass Okta groups as part of the SAML response:

    • In Okta, select the Sign On tab for the Templafy app, then click Edit.

    • Select your preferred group filter from the http://schemas.microsoft.com/ws/2008/06/identity/claims/role dropdown list (the Regex rule with the value ".*" in order to send *all* Okta groups to the Templafy instance we used in our example) for the attribute.

    • Click Save.

    Configure Groups in Okta - optional

  4. In Okta, select the Sign On tab for Templafy SAML app, then click Edit:

    • Scroll down to ADVANCED SIGN-ON SETTINGS.

    • Check Upgrade to Templafy HIVE.

    • Enter your Assertion Consumer Service based on your location. Guidelines for your location:

      • West Europe (small companies): Enter https://templafyprod0.auth.templafy.com/auth/saml2/auth-services/Acs
      • West Europe: Enter https://templafyprod1.auth.templafy.com/auth/saml2/auth-services/Acs
      • East US: Enter https://templafyprod2.auth.templafy.com/auth/saml2/auth-services/Acs
      • East Australia: Enter https://templafyprod3.auth.templafy.com/auth/saml2/auth-services/Acs
    • Click Save

    Okta Sign On, check Upgrade to Templafy HIVE, enter ACS based on location

  5. The Templafy Support team will process your request. After receiving a confirmation email, you can start assign people to the application.

  6. Done!


Notes

The following SAML attributes are supported:

In addition to the default attributes, Okta supports the following custom attributes:

Here is an example describing how to add and use the additional Department attribute:

  1. In Okta, navigate to Directory > Profile Editor.

  2. Search for the Templafy app, then click Profile:

    templafy2.png

  3. Click Add Attribute, then enter the following:

    • Display Name: Enter a preferred attribute name. In our example, we used Department.

    • Variable Name: Enter department.

      Important: In our example we are adding the department attribute. You must use the following variable names (case-sensitive) for the custom attributes: title, mobilePhone, primaryPhone, streetAddress, city, state, zipCode, preferredLanguage, department, country, customClaim1, customClaim2, customClaim3.

    • Click either Add Attribute or Save and Add Another.

      Note: Scope (optional): If you check User personal, the current attribute will be available once you assign the user to the Templafy application and will not be available once you assign the group to the app.

    templafy3.png

  4. Click Map Attributes:

    templafy4.png

  5. Select the Okta to Templafy tab.

  6. Start typing the required attribute from the Okta Base User profile (or use the dropdown list) and select the attributes you want to map.

    Note: In our example, we have selected the Department attribute, and then use the green arrows (Apply mapping on user create and update).

  7. Click Save Mappings:

    templafy5.png

  8. Click Apply updates now:

    templafy6.png

  9. Okta will now pass the Department attribute with the value of the Department field from the Okta Base User Profile.

SP-initiated SSO

Open the following URL: https://[yourSubDomainValue].templafy.com/.