This guide is intended to help configure single sign on / SAML 2.0 for Lucidity Software to be able to authenticate against you Okta users.
...
- Login into your account Okta as an Admin and and navigate to Applications
- Click Create New App
- Select the Platform type as Web and the Sign on method as SAML 2.0
- Click Create
- App name and logo can be anything you want as long as you remember whats it for, we recommend calling your app “Lucidity Software” and using the Lucidity icon provided:
- Once you have done this click Next
Enter the following details provided below and leave the rest as the default value:
Info Replace {site-name} with your lucidity site name
Under the General section:
Single sign on URL
https://{site-name}.luciditysoftware.com.au/simplesaml/module.php/saml/sp/saml2-acs.php/{site-name}
Audience URI (SP Entity ID)
https://{site-name}.luciditysoftware.com.au/simplesaml/module.php/saml/sp/metadata.php/{site-name}
Default RelayState:
https://{site-name}.luciditysoftware.com.au/home/login/lucidityintranet/completesso/{site-name}Info The Default RelayState URL will determine the Lucidity module that users are directed to when they sign in to Lucidity through Okta
Under the Attribute statements:
Add the following:
Name: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn
Name Format: Unspecified
Value: user.loginInfo The value needs to match the username naming convention used for users in Lucidity. If an email is used only the first part is required (eg bob.smith@somewere.com becomes bob.smith for authentication)
- Click Next
- Answer Okta’s question on how the App is going to be used
- Lastly you will need to add the users to the system who will be allowed to login to the app
(see Okta’s instructions)
...