Versions Compared

Old Version 20

changes.mady.by.user Dev Raj Gautam

Saved on

compared with

New Version Current

changes.mady.by.user Dev Raj Gautam

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Excerpt
nameSAMLAuthRequest

Input Fields

Description

SP Name Qualifier

A unique identifier associated with EmpowerID, input EmpowerID. This should be the same to what we specified in the Audience URI while configuring the SAML application in Okta.

Assertion Consumer URL

This URL is the endpoint where SAML assertions are sent from successful authentication and authorization by OKTA or the SP to EID or the IdP. Use https://{yourempoweridurl}/WebIdPForms/Generic/AuthenticationResponse as the URL. Replace 'yourempoweridurl' with the URL used to access EmpowerID, such as sso.empoweriam.com.

Submission Method

Please choose the appropriate HTTP method to send SAML requests. Select HTTPPost for Okta configuration.

Issuer Name

Identifier that specifies the entity that issued a SAML assertion or message. Please enter the https://{yourempoweridurl}/ you obtained earlier from your Okta app Integration that you use to access EmpowerID. Please replace 'yourempoweridurl' with the URL used to access EmpowerID, such as sso.empoweriam.com.

Signing Certificate

The signing certificate contains a public key used to sign the SAML assertion digitally. Please choose the EID Federation Certificate as the signing certificate.

Verifying Certificate

A verifying Certificate is used by the receiving party to verify the digital signature on a SAML message. Please choose the Signing Certificate you obtained from Okta app Integration and upload it to EID earlier in step #4.

Excerpt
nameOktaConfig

Input Fields

Description

Single Sign-On URL (SSO URL)

Please provide the SAML endpoint URL in EID for SAML assertion that accepts HTTP POST. Input https://{yourempoweridurl}/WebIdPForms/Generic/AuthenticationResponse as the URL. Replace 'yourempoweridurl' with your organization URL used to access EmpowerID, such as sso.empoweriam.com.

Recipient URL

Provide the URL or endpoint where the Okta sends a SAML assertion to the EID during the Single Sign-On process. This URL will be the same as the SSO URL provided earlier; input https://{yourempoweridurl}/WebIdPForms/Generic/AuthenticationResponse as the URL. Replace 'yourempoweridurl' with your organization URL used to access EmpowerID, such as sso.empoweriam.com.

Destination URL

The destination URL specifies the destination within the SAML assertion where the SAML response is meant to be delivered from Okta. This URL will be the same as the SSO URL provided earlier; input https://{yourempoweridurl}/WebIdPForms/Generic/AuthenticationResponse as the URL. Please replace 'yourempoweridurl' with the URL used to access EmpowerID, such as sso.empoweriam.com.

Audience URI (SP Entity ID)

Provide the specific identifier that serves as the intended recipient of a SAML assertion or response; please input EmpowerID. This should be the same when we specify the SP Name Qualifier later while configuring the SAML connection in EmpowerID.

Name ID format

Leave unspecified Unspecified for the Name ID Format.

Application User Name

You must provide their identifier or username to identify a user within a specific application or service. In the case of EmpowerID, you should select the AD SAM account name. To make this possible, you must create the attribute mapping for the AD SAM account name in your Active Directory in Okta. Once you have done that, you can choose the field here.

...