Instructions on how to configure a SAML SSO application with Okta.
Access Okta Applications
Create New App Integration
Choose SAML 2.0 Integration Type
Choose SAML 2.0 Integration Type
https://cognito.blinkops.com/saml2/idpresponse
Service Provider Logout URL (SLO URL) : https://cognito.blinkops.com/saml2/logout
Enter Blink SAML URLs and Identifiers
Configure Attribute Statements
Add Group Attribute Statement
Resolving SAML Group Mapping Errors with AWS Cognito
custom:groups
attribute whose total character length exceeds AWS Cognito’s 2048-character limit for string attributes.In this specific case:Blink Builders
Blink Users
Blink Admins
custom:groups
attribute stays within Cognito’s size constraints.
*
) sends all group memberships, including unrelated or nested ones. This makes it unpredictable and highly prone to exceeding limits,especially in large organizations. This change needs to be made in the client’s IdP application settings, not in Blink or Cognito itself. Map Roles in Blink Platform
Finish SAML App Setup in Okta
Assign Users or Groups to the SAML App
Go to Assignments Tab
Open Sign On Tab and Locate Certificates
View SAML Setup Instructions
Copy IDP Metadata Values
Paste Metadata in Blink Platform