Configure SAML in Okta

This guide describes the steps required to create a working SAML integration between Okta and GoBright.

We recommend to open two browser windows side by side, because you’ll need to switch between the two.

Steps to configure Okta & GoBright SAML

In the Okta admin panel

Go to ‘Applications’ > ‘Applications’.
There click ‘Create App Integration’:

Choose ‘SAML 2.0’:

Enter the name, and do not display the app to users:

Hit ‘Next’ and fill in the ‘Configure SAML page’.

In the GoBright Portal

Create the SAML integration, and take the following values:

  • Obtain the ‘Reply URL (Assertion Consumer Service URL)’
  • Obtain the ‘Relying party identifier / Entity Id’

Back in the Okta admin panel

  1. Paste the obtained Reply URL into the ‘Single sign-on URL’ field
  2. Paste the obtained Relying party identifier’ into the Audience URI (SP Entity ID) field

The other fields in Okta should be configured as:

  • ‘Default RelayState’: keep empty
  • ‘Name ID format’: select ‘Unspecified’
  • ‘Application username’: select ‘Okta username’
  • ‘Update application username on’: select ‘Create and update’

In the list ‘Attribute Statements’, add:

ATTRIBUTE STATEMENT VALUE REQUIRED
name user.displayname OR
user.firstName + ” ” + user.lastName
yes
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/mobilephone user.mobilePhone no
gobright.pincode [your pincode field] no
gobright.nfc [your nfc field] no
gobright.defaultcostcenteridorname
[your default costcenter field] no

The result should look like this:

Now save the application.
The Sign On-tab will open automatically.

Scroll down on that Sign On-tab, and click View SAML setup instructions

Obtain the following details from Okta

  • Obtain the Identity Provider Single Sign-On URL
  • Obtain the X.509 Certificate

Final steps in the GoBright Portal

Apply the obtained values in the SAML integration in the GoBright Portal:

  • Paste the the ‘Identity Provider Single Sign-On URL in the ‘Single Sign-on service url’ in the GoBright Portal
  • Paste the the ‘X.509 Certificate in the ‘Token-signing certificate (Base64)’ in the GoBright Portal

Optional: GoBright as ‘bookmark app’ in Okta
To show the ‘GoBright’ app as icon, follow: https://help.okta.com/en-us/Content/Topics/Apps/apps-create-bookmark.htm

This article comes from the Help Center of GoBright.

View original article

FAQ

Ask us anything! Find the answers to the most frequently asked questions here.

Browse the FAQs

Help Center

A goldmine for all IT and Facility Managers. Dive into the technical stuff concerning our products and solutions.

Visit the Help Center

Newsletter

Wanna stay informed of all developments within the smart office and our new features? Subscribe now.

Subscribe now