Okta

How to Configure SAML 2.0 for Zapier


Read this before you enable SAML

These SAML instructions contain Single Log-Out (SLO) configuration steps that are optional. If you are not going to use SLO, skip the steps that are marked as [Optional SLO] and highlighted in blue.

Contents


Supported Features

The Okta/Zapier SAML integration currently supports the following features:

For more information on the listed features, visit the Okta Glossary.


Configuration Steps

  1. Login to Zapier.

  2. Click your icon, then select Settings:

    zapier1.png

  3. Select SAML, then follow the steps below:

    • Entity ID: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • SSO URL: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • Certificate: Copy and paste the following certificate into this field:

      Sign into the Okta Admin Dashboard to generate this variable.
    • [Optional SLO]: Identity Provider Single Logout Url: Copy and paste the following:

      Sign into the Okta Admin dashboard to generate this value.

    • [Optional SLO]: Signed Single Logout: Select Yes.

    • [Optional SLO]: Single Logout Signature Algorithm: Select http://www.w3.org/2001/04/xmldsig-more#rsa-sha256.

    • Optional fields Email, First Name, Last Name: Leave blank.

    • Enable SAML login (optional): Select Yes to enable SP-initiated SSO. The user now will only log in via SAML.

    • Click Save Changes:

    zapier_new1.png

    zapier_new2.png

  4. Still on the SAML settings page, scroll down to the Service Provider Configuration section and make a copy of the Tenant Identifier value:

    zapier4.png

  5. In Okta, select the Sign On tab for the Zapier SAML app, then click Edit.

    • Enter your Tenant Identifier value you made a copy of in step 4 into the corresponding field.

    • [Optional SLO]: Check Enable Single Logout.

    • [Optional SLO]: Signature Certificate: Save the following certificate as slo.cert, click Browse to locate it, then click Upload to upload it to Okta:

      -----BEGIN CERTIFICATE-----
      MIIC6jCCAdICCQCxqW9pV/wV9zANBgkqhkiG9w0BAQsFADA3MQswCQYDVQQGEwJV
      UzETMBEGA1UECgwKWmFwaWVyIEluYzETMBEGA1UEAwwKemFwaWVyLmNvbTAeFw0y
      MDAyMDQwNzQ3NTdaFw0yNTAyMDIwNzQ3NTdaMDcxCzAJBgNVBAYTAlVTMRMwEQYD
      VQQKDApaYXBpZXIgSW5jMRMwEQYDVQQDDAp6YXBpZXIuY29tMIIBIjANBgkqhkiG
      9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDlWVEWJ+3dsXHde/5TEpnZNPby8c3/esdYi
      tgHeI67l+HL7H+vOUMscwEhlbXsFU30yjU0rUH4tuETof2uGr7vXBgoZCDEJDW/B
      PmQD0XynEGleBjrvT0cUlVJWCY1N3iZv8I/LsytwpbiT3w1C6BbyiempFkydgq33
      zPuSpUPNLjb0ku3S4uhjvIFFFsF725sqEraNB5XlL4y3gdXYJx/IFfM0UKqJWMOF
      As3yNhzdDeEL4bYDmVrr7jrAdAzJqUH4AGt9k3XqKRS6A5pOo98DnHXVPnFDtcbg
      kbcvzmVnaQKsJ1sHAJL4tdie/2gwEta/h9E9JwtKijcycTZOLQIDAQABMA0GCSqG
      SIb3DQEBCwUAA4IBAQAwLa9qYeMBW7w+akmRejwtYCSpnUdV2iY2temGLaOEu39H
      qrBtkldLWPG5KMuv4KfoSRE7Hou4JBdb9eHCznLqVFtftuLH6IW3WFrWmZqpyrc9
      CKl3twNdwoD94M4JbeUNCJfGnDhC2YL0qnqspo5It0gBqXiaoD3oxKT9V8DyZztj
      r/3hIF5vVbSW5mKba2yoGwPESCqssYLakEZsiZklqwPDHMB9RFz6p+BQzyjdNoMF
      p5yGjkTBRqzJ+9X7JLMEZqxR9BUW1bAijDIp4E1rzhpkqrkUqbhfvVkvkfRCFLXb
      6TivDxC88J5/hqdpp0xG+nDUOQAPbtdIKnO9O4VT
      -----END CERTIFICATE-----
      
      
    • Click Save.

  6. Done!


Notes

The following SAML attributes are supported:


SP-initiated SSO

  1. Go to: https://zapier.com/app/login/

  2. Enter your email, then click Continue.