How to setup SSO with OKTA

Updated January 31, 2025 16:19

This article describes how an organization can set up SSO on Okta utilizing the SAML2 protocol. The Templafy application is available in the Okta portal and comes with out-of-the-box SAML connectors and some pre-configured User Claims.

Prerequisites

Administrator rights in Okta portal.

Step-by-Step Installation

With Administrator rights, login to your Okta Admin Portal.
Navigate to Applications.
Select the Applications subsection.
Click on Browse App Catalog.
Use the search function and type Templafy in the search field.
Confirm your selection by clicking Add when Templafy appears.
Edit the General Settings according to your preferences and hit Done to add the application to your Gallery.

Obtain Metadata URL to Complete the Setup

In the Templafy Application, navigate to the Sign On tab.
Under Advanced Sign-On Settings, check Upgrade to Templafy HIVE.

Enter the Assertion Consumer Service value corresponding to your cluster.

West Europe (Production 0)	https://templafyprod0.auth.templafy.com/auth/saml2/auth-services/Acs
West Europe (Production 1)	https://templafyprod1.auth.templafy.com/auth/saml2/auth-services/Acs
East US (Production 2)	https://templafyprod2.auth.templafy.com/auth/saml2/auth-services/Acs
East Australia (Production 3)	https://templafyprod3.auth.templafy.com/auth/saml2/auth-services/Acs
Canada (Production 4)	https://templafyprod4.auth.templafy.com/auth/saml2/auth-services/Acs
West Europe (Production 5)	https://templafyprod5.auth.templafy.com/auth/saml2/auth-services/Acs

Next, click on the View SAML Setup Instructions.
In the new tab that opens, locate the Configuration Steps subsection.
Copy the Metadata URL from Step 2.
Provide the URL to your Templafy Implementation Partner.

Congratulations! You have now completed the basic setup.

Configure User Profile Mappings

In Okta Admin portal locate the Directory tab.
Navigate to Profile Editor.
Search for the Templafy app, then click on the name of the app
Select Add Attribute.
Enter the following required fields:
- Display Name: Enter a preferred attribute name.
- Variable Name: Variable names are pre-defined and case sensitive.
  - title
  - mobilePhone
  - primaryPhone
  - streetAddress
  - city
  - state
  - zipCode
  - preferredLanguage
  - department
  - country

Note

15 custom claims are also supported via Okta, following the example below:

- Name: http://schemas.templafy.com/2016/06/identity/claims/customclaim4
- Name format: Basic
- Value: appuser.customClaim4

Once the schemas have been input, the attributes can be added as illustrated in Step 5 above (ex. Display & Variable Name = customClaim4). Then, the custom claims will be available for Step 7 below.

6. Complete the action by either clicking Save or Save an Add Another, if you wish to continue adding more attributes.

7. Once you have added all attributes you want to send to Templafy, click on Mappings to map them against attributes from the Okta Base User profile.

8. In the Mappings section select Okta User to Templafy.

9. Start typing the required attribute from the Okta Base User profile (or use the dropdown list) and select the attributes you want to map.

10. In a similar manner continue to do so until all attributes have been mapped.

11. To ensure claims are regularly updated select the option Apply mapping on user create and update.

12. Review the mappings and confirm the setup by clicking Save Mappings.

13. Now that mappings are saved, hit Apply updates now to pass the attributes with their respective values from the Okta Base User Profile to Templafy.

Configure Group Claims

If you wish to pass Okta groups as part of the SAML response, please follow these steps:

In Okta, look up the Templafy App in the Applications directory
Navigate to the Sign On tab of the App, then click Edit.
Select your preferred group filter from the dropdown list.
Select Matches regex and enter .* in order to send all Okta groups to Templafy.
Click Save.

Related to

authentication

SSO authentication okta

Articles in this section