Read this before you enable SAML
Enabling SAML will affect all users who use this application, which means that users will not be able to sign-in through their regular log-in page. They will only be able to access the app through the Okta service.
Backup URL
Workfront Proof does not provide backup log-in URL where users can sign-in using their normal username and password. You can call Workfront Proof support to turn off SAML, if necessary.
The Okta/Workfront Proof SAML integration currently supports the following features:
For more information on the listed features, visit the Okta Glossary.
Login to your Workfront Proof account.
Navigate to Settings > Account Settings > Single sign-on, then do the following:
SSO URL: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
Login URL: Copy and paste the following:
Sign into the Okta Admin dashboard to generate this value.
Logout URL: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
Certificate fingerprint: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
SSO: Click Enable Automatically provision users (optional): Click Enable to enable JIT.
Automatically provision users (optional): Click Enable to enable JIT.
Make sure that you entered the correct value in the Subdomain field under the General tab in Okta. Using the wrong value will prevent you from authenticating via SAML to Workfront Proof.
The following SAML attributes are supported:
| Name | Value |
|---|---|
| firstName | user.firstName |
| lastName | user.lastName |
Go to: https://[your-subdomain].proofhq.com/login.
Click Login.
