Input Fields | Description |
|---|---|
Name | Provide a unique and descriptive identifier for the connection. |
Display Name | Please provide a clear and easy-to-understand label that will appear in the application's user interface to represent the connection. |
Name Identifier Format | Please select the format and structure of the unique identifier for the SAML assertion subject. This identifier represents the user or entity to which the SAML assertion refers. For Okta, select Unspecefied. |
SAML Submission Method | Please choose the appropriate HTTP method to send SAML requests. Select HTTPPost for Okta. |
Level of Assurance | If you use multifactor authentication and want to adjust the default Level of Assurance (LoA) points for the connection, enter a new value in the Level of Assurance (LoA) field. |
Issuer | Enter the issuer URL from the Okta platform. |
Initiating URL | The URL that initiates the SMAL request from EmpowerID. The default value is "/WebIdPForms/Generic/AuthenticationRequest." |
Tile Image URL | Please supply a URL (Uniform Resource Locator) for the image that will serve as the icon representing the Single Sign-On (SSO) connection on the login screen. |
Input Fields | Description |
|---|---|
SP Name Qualifier | A unique identifier associated with EmpowerID, input EmpowerID. |
Assertion Consumer URL | This URL is the endpoint where SAML assertions are sent from successful authentication and authorization by OKTA or the SP to EID or the IdP. Use https://{yourempoweridurl}/WebldPPorms/Generic/AuthenticationResponse as the URL. Replace 'yourempoweridurl' with the URL used to access EmpowerID, such as sso.empoweriam.com. |
Submission Method | Please choose the appropriate HTTP method to send SAML requests. Select HTTPPost for Okta configuration. |
Issuer Name | Identifier that specifies the entity that issued a SAML assertion or message |
Signing Certificate | Please choose the EID Federation Certificate as the signing certificate. |
Input Fields | Description |
|---|---|
Single Sign-On URL (SSO URL) | Please provide the SAML endpoint URL in EID for SAML assertion that accepts HTTP POST.Input https://{yourempoweridurl}/WebldPPorms/Generic/AuthenticationResponse as the URL. Replace 'yourempoweridurl' with your organization URL used to access EmpowerID, such as sso.empoweriam.com. |
Recipient URL | Provide the URL or endpoint where the Okta sends a SAML assertion to the EID during the Single Sign-On process. This URL will be same as SSO URL provided earlier; input https://{yourempoweridurl}/WebldPPorms/Generic/AuthenticationResponse as the URL. Replace 'yourempoweridurl' with your organization URL used to access EmpowerID, such as sso.empoweriam.com. |
Destination URL | The destination URL specifies the destination within the SAML assertion where the SAML response is meant to be delivered from Okta. This URL will be same as SSO URL provided earlier; input https://{yourempoweridurl}/WebldPPorms/Generic/AuthenticationResponse as the URL. Please replace 'yourempoweridurl' with the URL used to access EmpowerID, such as sso.empoweriam.com. |
Audience URI | Provide the specific identifier that serves as the intended recipient of a SAML assertion or response; please input EmpowerID. This should be the same as what we have provided in the SP Name Qualifier while configuring the SAMl connection in EmpowerID earlier. |
Name ID format | Leave unspecified for the Name ID Format. |
Application User Name | To identify a user within a specific application or service, you need to provide their identifier or username. In the case of EmpowerID, you should select the AD SAM account name. To make this possible, you must set up the attribute mapping for the SAM account name in your Active Directory in Okta. Once you have done that, you can choose the field here.ectory in Okta. Once you have done that, you can choose the field here. |