Setup SAML SSO for Okta as Identity Provider
Download the SnapComms Content Manager’s Metadata
- Go to App Management > Mac & Mobile Settings > change the authentication method to SAML Authentication, then ‘click to set up’ link.
- From the SAML Configuration Page, click on the SnapComms Metadata URL
Configuring your Okta SAML Application
From the Okta dashboard > Applications > create a new application selecting Web as the platform and SAML 2.0 as sign on method
- Open the SnapComms Content Manager metadata URL (generated from [Content Manager API URL]/authservices), copy the entity ID and ACS location values into Okta's SAML Settings SP Identity ID and Single sign on URL fields respectively. Other settings can be left to default values, then click 'Next' and Finish (just leave this to 'I'm an Okta customer adding an internal app').
Under the Sign On menu > click on the 'View Setup instructions' for SAML 2.0, copy the Identity Provider Issuer and paste in Identity Provider ID in CM. Copy Identity Provider Single Sign-on URL, remove the snapcommsorg120424_oktasnaprnd_1/ and add /metadata at the end e.g. https://snapcommssnaprnd.okta.com/app/exkq9c7ivFILUFNxs356/sso/saml/metadata, and paste in the Identity Provider Metadata URL in the CM. Download the certificate from Okta and change the file extension from .cert to .cer
4. Go back to the Application settings > Assignments, click the 'Assign' button and assign either users or groups