
Configuring a SAML application on Okta

  1. Log in to Okta, go to the admin dashboard, and select "Applications" in the navigation panel.
  2. Select "Create App Integration".
  1. Select "SAML 2.0" and click Next.
  1. Enter an "App Name" and click Next.
Note: the IdP-Initiated Login URL, Service Provider ID (SP Entity ID), Service Provider Login URL (SSO URL) and Service Provider Logout URL (SLO URL) can be found in the SAML tab under the Account Management Settings section within the Blink Platform.

IdP-Initiated Login URL : Please look in the Account Management Settings section within the Blink Platform to find your unique IdP-Initiated Login URL.

Service Provider ID (SP Entity ID) : urn:amazon:cognito:sp:us-east-1_Nu63sypSS

Service Provider Login URL (SSO URL) : https://cognito.blinkops.com/saml2/idpresponse

Service Provider Logout URL (SLO URL) : https://cognito.blinkops.com/saml2/logout


Note for users of an on-premise deployment: do not use the above values to complete the Create SAML Integration section of the Okta application. Instead, log in to your own on-premise deployment app and use the unique values provided in the SAML tab under the Account Management Settings.


  1. In the Create SAML Integration section of the Okta application, paste your unique IdP-Initiated Login URL (available in the SAML tab under the Account Management Settings section within the Blink Platform) into the Single Sign-On URL text field. Then paste the Service Provider Login URL (SSO URL) value into both the Recipient URL text field and the Destination URL text field. Lastly, paste the Service Provider ID (SP Entity ID) value into the Audience URI (SP Entity ID) text field.
  1. Scroll down to the “Attribute Statements” section and add the following key-value pairs, and then click Next.
  1. Then scroll down to the "Group Attribute Statement" section and fill out the fields as shown in the following image.
  1. Then head to the SAML tab under the Account Management Settings section within the Blink Platform and click the Role Mapping section and select the applicable values.
Danger: in the Mapping section, at least one mapping role must be designated as an admin with administrative privileges. Additionally, the user configuring the group must be part of the group mapped to the Admin role. Otherwise, you won't be able to operate as an administrator in your account or access and edit the role mapping again.

  1. Select “I’m an Okta customer adding an internal app” from the options menu, and then click Finish.
  1. To give users permission to authenticate via this SAML app, you will need to assign users or groups.

  2. Click on the "Assignments" tab and assign the users or groups you require.

  1. Click on the "Sign On" tab and scroll down to the "SAML Signing Certificates".
  1. Click on "View SAML setup instructions".
  1. Next, under the Optional section at the bottom, copy the IDP metadata values.
  1. Next, navigate to the SAML section found within the SAML tab in the Account Management Settings. Paste the IDP metadata values into the designated text field labeled Metadata File.
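
A configuration check for the Recipient URL, Destination URL and Audience URI fields filled in above, as an added example that is not part of the original page and not Blink or Okta code: it decodes a base64 SAMLResponse and reports any value that differs from the SaaS values quoted on this page. The function names and the sample response are constructed for illustration; on-premise deployments would pass their own values.

```python
import base64
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}

# SaaS values quoted on this page; on-premise deployments must substitute their own.
EXPECTED_SSO_URL = "https://cognito.blinkops.com/saml2/idpresponse"
EXPECTED_AUDIENCE = "urn:amazon:cognito:sp:us-east-1_Nu63sypSS"


def check_saml_response(b64_response, sso_url=EXPECTED_SSO_URL, audience=EXPECTED_AUDIENCE):
    """List mismatches against the SP values (config check only, no signature verification)."""
    root = ET.fromstring(base64.b64decode(b64_response))
    problems = []
    if root.get("Destination") != sso_url:
        problems.append(f"Destination is {root.get('Destination')!r}")
    recipients = [e.get("Recipient") for e in root.iterfind(".//saml:SubjectConfirmationData", NS)]
    if not recipients or any(r != sso_url for r in recipients):
        problems.append(f"Recipient is {recipients!r}")
    audiences = [e.text.strip() for e in root.iterfind(".//saml:Audience", NS) if e.text]
    if audience not in audiences:
        problems.append(f"Audience is {audiences!r}")
    return problems


def build_sample(destination, recipient, audience):
    """Constructed, unsigned SAMLResponse for the demo (not a real Okta message)."""
    xml = (
        f'<samlp:Response xmlns:samlp="{NS["samlp"]}" xmlns:saml="{NS["saml"]}" '
        f'Destination="{destination}"><saml:Assertion><saml:Subject>'
        f'<saml:SubjectConfirmation><saml:SubjectConfirmationData Recipient="{recipient}"/>'
        f'</saml:SubjectConfirmation></saml:Subject><saml:Conditions>'
        f'<saml:AudienceRestriction><saml:Audience>{audience}</saml:Audience>'
        f'</saml:AudienceRestriction></saml:Conditions></saml:Assertion></samlp:Response>'
    )
    return base64.b64encode(xml.encode()).decode()


if __name__ == "__main__":
    good = build_sample(EXPECTED_SSO_URL, EXPECTED_SSO_URL, EXPECTED_AUDIENCE)
    # Misconfiguration: Audience URI set to the SSO URL instead of the SP Entity ID.
    bad = build_sample(EXPECTED_SSO_URL, EXPECTED_SSO_URL, EXPECTED_SSO_URL)
    print(check_saml_response(good))
    print(check_saml_response(bad))
```

An empty list means the three fields match; each entry otherwise names the field to correct in the Okta app's SAML settings.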