Okta

How to Configure SAML 2.0 for eFront

Contents


Supported Features

The Okta/eFront SAML integration currently supports the following features:

For more information on the listed features, visit the Okta Glossary.


Configuration Steps

  1. Login to your eFront account.

  2. Select System Settings:

    efront1.png

  3. Navigate to Single Sign On > SAML, then follow the steps below:

    • Check Enable SAML support.

    • OPTIONAL: Check Create user if no match was found to enable JIT (Just In Time) Provisioning.

    • Identity Provider: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • Certificate fingerprint: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • Remote Sign-in URL: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • TargetedID: Enter Username.

    • First Name: Enter Firstname.

    • Last Name: Enter Lastname.

    • Email: Enter Email.

    • SP Metadata XML: Download and then open the xml file. Make a copy of the entityID, shown in red, below. This is your Audience URI.

      efront2.png

    • Click Save.

    efront3.png

  4. In Okta, select the Sign On tab for the eFront SAML app, then click Edit.

    • Enter the Audience URI value you made a copy of in step 3 into the corresponding field.

    • Click Save.

    efront4.png

  5. Done!


Notes

Make sure that you entered the correct value in the Domain field under the General tab in Okta. Using the wrong value will prevent you from authenticating via SAML to eFront.

The following SAML attributes are supported:

SP-initiated SSO

  1. Go to: [your-eFront-domain]/ URL.

  2. Click SIGN IN WITH SAML:

  3. efront5.png