Use Okta for SSO authentication Learn how to use Okta for Single Sign-On (SSO) authentication with SAML 2.0 so members of your organization can sign in to Kobiton using their Okta credentials. Get Kobiton parameters First, you’ll need to save a copy of your Kobiton SSO attributes so you can easily add them to your IdP later. In Kobiton, select your profile, Settings, then choose SSO Settings. From Basic configuration, copy the following values and save them to a note: Entity ID (or Audience URL) Reply (or SSO, or ACS) URL From User attributes (or parameters), copy the following values and save them to a note: email firstName lastName phoneNumber memberOf Later you’ll finish configuring your Kobiton SSO settings so keep this browser window open. Create IdP application In OKTA, select Applications, then Add Application. Select Add Application on the Applications page. Select Create New App, then fill out the form using the following: Platform: Web Sign on method: SAML 2.0 When you’re finished, select Create. In General Settings, enter a display name and add a logo to customize your sign-in portal, then select Next. Map parameters and download certificate Now that your IdP application is created, you’ll need to create Okta SSO parameters mapped to Kobiton and download your Okta certificate. Go to SAML Settings to get started. Using your Kobiton SSO parameters from earlier, fill out the following fields: Single sign on URL Use this for Recipient URL and Destination URL: ☑ Allow this app to request other SSO URLs: ☐ Audience URI (SP Entity ID) Default RelayState Next, create the following custom parameters: Parameter 1 Name: email Name format: Basic Value: user.email Parameter 2 Name: firstName Name format: Basic Value: user.firstName Parameter 3 Name: lastName Name format: Basic Value: user.lastName Finally select Download Okta Certificate. When you’re done, select Next, then Finish. Get IdP parameters Next you’ll need to save a copy of your Okta parameters you can add to Kobiton later. Select Sign On, then View Setup Instructions. In your SAML application’s configuration, go to the Sign On tab. Click View Setup Instructions and populate Box 3 of your Kobiton portal SSO settings page with this information. Copy the following values and save them to a note: Identity provider issuer Identity issuer URL Identity provider sign-in URL Identity provider sign-out URL Identity provider certificate Add IdP parameters and certificate to Kobiton Now, you’ll need to add your IdP parameters and certificate to your Kobiton organization. In your SSO Settings, scroll down to Set up at Kobiton side. Add your IdP parameters and certificate to the following: Identity provider issuer Identity issuer URL Identity provider sign in URL Identity provider sign out URL Identity provider certificate Verify and save configuration If you enable Enforce users to login to Kobiton only through SSO, you’ll also gain access to Specify Organization Access Restrictions with the ability to enable Pass role/team assignments to users in the SAML validations. Choose the method that’s best for your organization. After you’ve chosen a method, select Verify to test your SSO configuration. If you received a successful response, select Save to complete your SSO configuration.