Okta

How to Configure SAML 2.0 for Workplace by Facebook


Notes

Contents

Supported Features

The Okta/Workplace by Facebook SAML integration currently supports the following features:

For more information on the listed features, visit the Okta Glossary.

Configuration Steps

  1. Log in to Workplace by Facebook as an administrator.

  2. Navigate to Admin Panel > Security:

    3. In Workplace, go to Admin Panel -> Security

  3. Select Authentication SSO, then check Single-sign on (SSO):

    4. Select Authentication SSO and check the Single Sign-On (SSO) checkbox:

  4. Enter the following:

    • Name of the SSO Provider: Enter the appropriate name.

    • SAML URL: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • SAML Issuer URL: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • SAML Certificate: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

      • Scroll down to the SAML configuration section.


    • Audience URL: Make a copy of the portion marked in red below. This is your Organization ID. For example, if your Audience URL is: https://www.workplace.com/company/123456, your Organization ID is 123456.

    • Click Test SSO:

      Note: Ensure the email address being used to authenticate with your IdP is the same as the Workplace account you are logged in.

    • Once the test has been completed successfully, click Save Changes:

    enter SAML configuration values

  5. To enable SSO for users refer to this Guide.

  6. In Okta, select the Sign On tab for Workplace by Facebook app, then click Edit.

    • Check Use Workplace Domain.

    • Enter the Organization ID number you just made a copy of in step 4 into the corresponding field.

    • Click Save:

    enter your Organization ID in Okta

  7. Done!

Notes

Make sure that you entered the correct value in the Subdomain field under the General tab in Okta. Using the wrong value will prevent you from authenticating via SAML to Workplace by Facebook.


SP-initiated SSO

  1. Go to: https://[your-subdomain].workplace.com

  2. Enter your email, then click Continue:

    3. Go to https://[your-subdomain].workplace.com, enter your email and click Continue