
SAML with OKTA


Here are the steps to integrate SAML with Faraday using OKTA:

Step 1: Navigate to OKTA's website.

Step 2: Log in to your developer account as a user with administrative privileges.

Step 3: In the Admin console, go to Applications > Applications.

Step 4: Click Create App Integration.

Step 5: Select SAML 2.0 in the Sign-in method section. Click Next.

Step 6: On the General Settings page:

* Enter the name of your integration (e.g. Faraday).
* (Optional) Upload a logo.

Then click Next.

Step 7: On the Configure SAML tab, enter the Assertion Consumer Service (ACS) URL into the Single Sign On URL field and the Entity ID into the Audience Restriction field with the following format:

* Single Sign On URL: https:///_api/saml/acs
* Audience Restriction: https:///_api/saml/metadata.xml

After that, in the Attribute Statements section, define the Name of the attribute as username and the Value as user.email.

Then click Next.

Step 8: In the final creation step, select the options that suit your company and click Finish.

Step 9: On the General tab, in the Application area, you can access the Identity Provider Configuration. There, copy the Identity Provider Single Sign-On URL (SSO URL in Faraday settings), the Identity Provider Issuer (Identity ID in Faraday settings) and the X.509 Certificate (IdP Certificate in Faraday settings). Paste them into Faraday's SAML configuration.

Click on Save.

Step 10: Run this command in a terminal:

openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 1825 -out certificate.pem

This command writes a private key to key.pem, which goes into the SP Private Key field, and a certificate to certificate.pem, which goes into the SP Certificate field in Faraday's SAML configuration.
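Before pasting the two files into Faraday, it is worth confirming that they belong together and that the unencrypted key is not readable by other users. The script below is an added example, not part of Faraday's or Okta's documentation; the function names and the 30-day expiry threshold are assumptions, and key.pem / certificate.pem are the files written by the command above.

```shell
#!/bin/sh
# Added example. key.pem / certificate.pem are the files written by the
# openssl command in Step 10; the function names are hypothetical.

# Exit 0 when the private key and the certificate hold the same public key.
sp_pair_matches() {
    key_pub=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 2
    crt_pub=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 2
    [ -n "$key_pub" ] && [ "$key_pub" = "$crt_pub" ]
}

# Exit 0 when the certificate is still valid $2 days from now (default 30).
sp_cert_valid_for() {
    openssl x509 -in "$1" -noout -checkend $(( ${2:-30} * 86400 )) >/dev/null 2>&1
}

# -nodes leaves the key unencrypted on disk: make it owner-only and
# confirm that group and other have no permission bits left.
sp_key_lock_down() {
    chmod 600 "$1" || return 1
    [ "$(ls -l "$1" | cut -c5-10)" = "------" ]
}

# Run all three checks and report; returns non-zero on the first failure.
sp_check() {
    key=$1
    crt=$2
    sp_key_lock_down "$key"       || { echo "FAIL: $key is accessible to group/other"; return 1; }
    sp_pair_matches "$key" "$crt" || { echo "FAIL: $crt does not match $key"; return 1; }
    sp_cert_valid_for "$crt" 30   || { echo "FAIL: $crt expires within 30 days"; return 1; }
    echo "OK: $crt matches $key, expires: $(openssl x509 -in "$crt" -noout -enddate | cut -d= -f2)"
}

# Check the files in the current directory when they exist.
if [ -f key.pem ] && [ -f certificate.pem ]; then
    sp_check key.pem certificate.pem
fi
```

The certificate from Step 10 is valid for 1825 days, so the expiry check is mainly useful when re-run later, ahead of rotating the SP certificate.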

For more information about configuring a custom SAML app in Okta, please visit their documentation page about this topic.