This guide is intended to help configure single sign-on / SAML 2.0 for Lucidity Software so that it can authenticate against your Okta users.
...
- Log in to your Okta account as an Admin and navigate to Applications
- Create a new app
- Select the Platform type as Web and the Sign on method as SAML 2.0
- Click Create
- The app name and logo can be anything you want, as long as you remember what it is for. We recommend calling your app “Lucidity Software” and using the Lucidity icon provided
- Once you have done this, click Next
Enter the details provided below and leave the rest as the default value:
Info: Replace {site-name} with your Lucidity site name
Under the General section:
Single sign on URL
https://{site-name}.luciditysoftware.com.au/simplesaml/module.php/saml/sp/saml2-acs.php/{site-name}
Audience URI (SP Entity ID)
https://{site-name}.luciditysoftware.com.au/simplesaml/module.php/saml/sp/metadata.php/{site-name}
Default RelayState
https://{site-name}.luciditysoftware.com.au/home/login/lucidityintranet/completesso/{site-name}
Info: This URL determines the Lucidity module users are directed to when they sign in to Lucidity from within Okta
Under the Attribute statements:
Add the following:
Name: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn
Name Format: Unspecified
Value: user.login
Info: The value needs to match the username naming convention used for users in Lucidity. If an email is used, only the first part is required (e.g. bob.smith@somewere.com becomes bob.smith for authentication)
- Click Next
- Answer Okta’s question on how the App is going to be used.
- Lastly, you will need to add the users who will be allowed to log in to the app
(see Okta’s instructions)
...