Read this before you enable SAML
Enabling SAML will affect all users who use this application, which means that users will not be able to sign in through their regular sign-in page. They will be able to access the app through the Okta service.
Backup URL
Transform doesn't provide a backup sign-in URL where users can sign in using their regular username and password. You can contact Transform Support to turn off SAML, if necessary.
The Okta/Transform SAML integration currently supports the following features:
For more information on the listed features, visit the Okta Glossary.
Sign in to your Transform instance as an administrator.
Go to Settings > Organization Settings > Security.
Click Enable Okta.
Enter the following:
Single-Sign-On URL:
Sign into the Okta Admin Dashboard to generate this variable.
Company Name: Enter your Company Name.
X.509 Certificate: Download and save the following as okta.cert, then upload it to Transform:
Sign into the Okta Admin Dashboard to generate this variable.
Allowed Email Domains: Enter your email domain.
Click Save.
In the next window:
Make a note of your SAML Connection Name and Organization ID.
Click Download Certificate and save the certificate.
Click Close.
In Okta, select the Sign On tab for the Transform app, then click Edit.
Encryption Certificate: Upload the transform.cert file from step 5.
Scroll down to Advanced Sign-on Settings and enter your SAML Connection Name and Organization ID values (step 5) into the corresponding fields.
Under Credentials Details, select Email for the Application username format.
Click Save.
Done!
The following SAML attributes are supported:
Name | Value |
---|---|
first_name | user.firstName |
last_name | user.lastName |
String.toLowerCase(user.email) | |
org_id | org.organizationId |
Enter your Email Address, then click Continue.