...

  1. On the navbar, expand Apps and Authentication and click SSO Connections. Now click on SAML.

  2. You can view all SAML connections and create a new one by clicking the (plus) icon.


  3. When selecting a SAML connection type, it's important to determine whether the connection will operate as an Identity Provider (IdP) or if it will utilize EID as its IdP. In this article, we'll use the Identity Provider option as our example, as we intend to configure Okta to function as the IdP. Please select the Default SAML IdP connection Settings.

    • The Service Provider (SP) is an application or service that depends on the EID as an Identity Provider (IdP) to authenticate and provide access to users. It uses specialized software to process SAML requests and responses, which contain SAML assertions from the IdP. This allows the SP to manage user access in an efficient manner.

    • The Identity Provider (IdP) is responsible for authenticating users and providing access permissions to EmpowerID. It generates SAML assertions for users after authentication, which EID then uses to grant or deny access to their resources.


  4. Please provide the connection details for the SAML connection.



  5. Please provide the URL of your Okta instance that will be used for Single Sign-On (SSO) authentication.



  6. Please provide the Logout URL and the Logout SAML HTTP protocol used.

    • The Logout URL is the Single Logout (SLO) URL provided by Okta. This URL will handle the logout process, ensuring that the user's session is terminated in both EmpowerID and Okta.

    • The Logout SAML Protocol is the HTTP method used to send SAML requests. To configure Okta in EID, please select the HTTPPost option.



  7. You can create a new account directory or select an existing account directory.

    • Select the checkbox Create a New Account Directory to create a new account directory.

    • Alternatively, you can choose to select an existing account directory.


  8. Please provide the necessary information related to the Certificates for the SAML connection.

    • The Signing Certificate is used by the IdP to digitally sign the SAML assertions and messages it sends to the SP. The SP, when receiving these messages, can use the IdP's signing certificate to verify the message's integrity and authenticity.

    • The Verifying Certificate is used by the SP to verify the digital signatures on SAML assertions and messages sent by the IdP. The SP uses the verifying certificate to ensure that the messages it receives are genuinely signed by the trusted IdP and that they haven't been altered or forged.

  9. Click on the Authn Request tab and select Create a New Authentication Request. You have the option to create a new SAML Authentication Request or use an existing one. Enter the required details to create a new authentication request.
