SAML Integration

OKTA and Security Assertion Markup Language (SAML) integration helps enable single sign-on across applications. It eliminates the need for web application passwords, enhances security, reduces risks and administration overload, and enables a secure exchange of authentication and authorization.

  • Login to the OKTA account.

  • Navigate to Applications and click on the Create App Integration option. The Create a new app integration modal appears.

  • Select the SAML 2.0 option.

  • Click Next. The Create SAML Integration page appears.

Create SAML Integration

  1. General Settings

  • Enter the App name

  • Upload the App logo (optional).

  1. Configure SAML A SAML Settings


  • Enter the Single sign-on URL. It is the location where the SAML assertion is sent with an HTTP POST. It is also called the SAML Assertion Consumer Service (ACS) URL for your application.

Format, http://ServerURLandPort Number/auth/realms/userful/broker/SAMLIntegrationName/endpoint

For example,

  • Enter the Audience URI ( SP Entity ID) It is The application-defined unique identifier that is the intended audience of the SAML assertion. This is most often the SP Entity ID of your application.

Format, http://server_url_and port number_port/auth/realms/userful

For example,

  • Select Name ID Format as EmailAdress.

  • Select Application Username as Email.

  • Select update application username on as Create and update.

Attribute Statements

  • Add the following attributes:

    1. Name: email, Name format: unspecified, Value:

    2. Name: firstName, Name format: unspecified, Value: user.firstName

    3. Name: lastName, Name format: unspecified, Value: user.lastName.

3. Feedback

Set up SAML Integration

  1. Navigate to Admin Center > User Management > External Authentication > SAML Integration.

    • Enter the Alias name as SAML.

    • Provide the Single Sign-On Service URL. Also known as Sign On URL in OKTA’s application Metadata details.

    • Enter the Display Name

    • Enter the Single Logout Service URL. Also known as Sign out URL on OKTA’s application Metadata details.

    • Enter the Entity ID. It is the Audience URI (SP Entity ID) set during application creation.

    • Enter the IDP Entity ID. Also known as Issuer in OKTA’s application Metadata details.

Login using the OKTA account

Last updated

Copyright © 2024 Userful Corporation. All rights reserved.