Step 1: Create SAML Integration
In your Okta Application Dashboard go to "Applications" in the sidebar.
Click "Create App Integration".
Select "Create New App", then select "SAML 2.0" as a Sign on method, then click "Next".
Enter an App name that describes Ten Thousand Coffees, then click "Next".
On the Configure SAML tab in Okta, copy Single Sign-On URL and Audience URI (SP Entity ID) to the right fields. These will be provided to you by Ten Thousand Coffees via a unique setup link.
Submit the "Single Sign-On URL" and the "Audience URI (SP Entity ID)".
Step 2: Configure Attribute Statements
Find Attribute Statements configuration in SAML Settings.
Fill in the following Attribute Statements and click "Next":
Name | Value |
id | user.id |
user.email | |
firstName | user.firstName |
lastName | user.lastName |
Step 3: Submit Application Feedback
Select "I'm an Okta customer adding an internal app" from the options menu.
Step 4: Add Users to SAML App
In order to test out SSO authentication, you will first need to assign your Okta SAML app to Groups.
Click on the "Assignments" tab of the app and then select "Assign to Groups".
Find the Group(s) that you would like to assign to the app and click "Assign" next to it. Click "Done" when you're finished.
Step 5: Upload Identity Provider Metadata
To implement SAML SSO you will need to share your identity provider's metadata with the application.
URL Metadata Configuration
Click on the "Sign On" tab of the SAML app you just created.
Locate the "Metadata URL" under the "Metadata details".
Select "Copy" to copy the link, then paste it in the unique setup link shared with you earlier by Ten Thousand Coffees.
7: Test Single Sign On
Ten Thousand Coffees will ask you to try signing in to test the connection.