The first step in configuring an application to support SAML-based Single Sign-On from Okta is to set up an application in Okta.
In Okta
Here is how to set up a SAML application in Okta:
- Click on the blue “Admin” button
- Click on the “Add Applications” shortcut
- Click on the green “Create New App” button
- In the dialog that opens, select the “SAML 2.0” option, then click the green “Create” button
- In Step 1 “General Settings”, enter “Example SAML Application” in the “App name” field, then click the green “Next” button.
- In Step 2 “Configure SAML,” section A “SAML Settings”, set the “Single sign on URL” to https://wepowsubdomain.wepowapp.com/sso/saml/consume
  For the recipient and destination URLs, use https://wepowapp.com. For "Audience URI", use https://wepowapp.com.
  Set "Name ID format" to "EmailAddress" and "Application username" to "Email".
- In the "Attribute Statements" section, add three attribute statements:
  - “FirstName” set to “user.firstName”
  - “LastName” set to “user.lastName”
  - “Email” set to “user.email”
  - "is_owner" set to isMemberOfGroupName("WepowOwner") ? "true" : "false"
  - "wepow_team_1" set to isMemberOfGroupName("Engineering") ? "Engineering" : null
  - "wepow_role_1" set to isMemberOfGroupName("Engineering") ? "admin" : null
  Click Next to continue.
- In Step 3 “Feedback”, select “I’m an Okta customer adding an internal app”, and “This is an internal app that we have created,” then click Finish.
- The “Sign On” section of your newly created “Example SAML Application” application appears. Keep this page open in a separate tab or browser window. You will return to this page later in this guide and copy the “Identity Provider metadata” link. (To copy that link, right-click on the “Identity Provider metadata” link and select “Copy”)
- Right-click on the “Assign Application” section and select “Open Link In New Tab” (so that you can come back to the “Sign On” section later).
  In the new tab that opens, click on the “Assign” button
- A dialog titled “Assign to people” will open. Type your username into the search box, select the checkbox next to your username, then click the green “Next” button
- You will be prompted to “Enter user-specific attributes”. Just click the green “Confirm Assignments” button to keep the defaults.
You are now ready to configure SAML in your application. The information in the tab you opened in step #9 contains the information that you’ll need to configure SAML in your application.
In Wepow
- Open the Wepow App and go to "My preferences"
- From the section "Organization Settings", click on Single Sign-on
- Select the option "SAML 2.0", then go back to Okta and pull the information from step #9.
If "Auto-provision" is enabled, users should be created from Okta.
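To confirm the Okta settings took effect, decode the SAML response from a test login and compare it with the values entered in this guide. The following is an added example, not Wepow or Okta code: it checks configuration only and does not verify the response signature. The names `check_response` and `sample` are hypothetical, and the sample response is constructed rather than captured from Okta.

```python
import xml.etree.ElementTree as ET  # sample is constructed; use a hardened parser for untrusted XML

NS = {"a": "urn:oasis:names:tc:SAML:2.0:assertion"}
EMAIL_FMT = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
APP = "https://wepowapp.com"  # recipient, destination and Audience URI from the guide

def check_response(xml_text):
    """List mismatches between a decoded SAML Response and the settings in this guide."""
    root, problems = ET.fromstring(xml_text), []
    if root.get("Destination") != APP:
        problems.append("Destination")
    scd = root.find(".//a:SubjectConfirmationData", NS)
    if scd is None or scd.get("Recipient") != APP:
        problems.append("Recipient")
    if APP not in [e.text for e in root.findall(".//a:Audience", NS)]:
        problems.append("Audience")
    name_id = root.find(".//a:Subject/a:NameID", NS)
    if name_id is None or name_id.get("Format") != EMAIL_FMT:
        problems.append("NameID format")
    attrs = {a.get("Name"): (a.findtext("a:AttributeValue", "", NS) or "").strip()
             for a in root.findall(".//a:Attribute", NS)}
    for name in ("FirstName", "LastName", "Email"):
        if not attrs.get(name):
            problems.append(name)
    if attrs.get("is_owner") not in ("true", "false"):
        problems.append("is_owner")
    # wepow_team_1 and wepow_role_1 come from the same group test, so they travel together
    if bool(attrs.get("wepow_team_1")) != bool(attrs.get("wepow_role_1")):
        problems.append("wepow_team_1/wepow_role_1")
    return problems

def sample(audience=APP, extra=""):
    """Constructed, unsigned response for a hypothetical user (not captured from Okta)."""
    vals = {"FirstName": "Ada", "LastName": "Example", "Email": "ada@example.com",
            "is_owner": "false"}
    attr = "".join('<Attribute Name="%s"><AttributeValue>%s</AttributeValue></Attribute>' % kv
                   for kv in vals.items()) + extra
    return ('<p:Response xmlns:p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="%s">'
            '<Assertion xmlns="%s"><Subject><NameID Format="%s">ada@example.com</NameID>'
            '<SubjectConfirmation><SubjectConfirmationData Recipient="%s"/>'
            '</SubjectConfirmation></Subject><Conditions><AudienceRestriction>'
            '<Audience>%s</Audience></AudienceRestriction></Conditions>'
            '<AttributeStatement>%s</AttributeStatement></Assertion></p:Response>'
            % (APP, NS["a"], EMAIL_FMT, APP, audience, attr))

if __name__ == "__main__":
    print(check_response(sample()) or "matches the guide")
```

An empty list means the response carries the recipient, destination, audience, Name ID format and attribute statements configured above; each returned entry names the setting to recheck in Okta.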