Okta - SAML Integration Instructions

  • 1 minute(s) read
Prev Next

Creating New App Integration

Below are step-by-step instructions for adding Catchpoint SAML Integration to your Okta portal.

  1. Log in to your Okta Admin account, and click on the Applications tab.

  2. Click Applications.

  3. Click the Create App Integration button on the Applications page.
    image.png

  4. In the pop-up that appears Create a New Application Integration, choose SAML 2.0 and click Next.
    image.png

  5. Name your new SAML Integration, and click Next.
    image.png

Once you have reached the Configure SAML page, you MUST configure General Settings, and you may also add Advanced Settings.

General Settings

  1. Single Sign-On URL should be set to "https://portal.catchpoint.com/UI/Entry/SingleSignOn.aspx"
  2. Audience URI to "CatchpointSystems"
  3. Set Name ID format to "EmailAddress"
  4. Application username is "Email"
  5. Scroll down to Attribute Statements and input your namespace. This is a unique ID required by Catchpoint and determined by you. Your organization's users will input the namespace along with their email address when logging into Catchpoint. Adding the namespace attribute is necessary for IDP initiated login.
  6. You can also add group attribute statements as well.
    image.png

Configuring Sign On

Once you have configured your application per the steps above, perform the following steps:

  1. Click on the Applications tab in Okta and select your newly created application.
  2. On the application's page (see below screenshot), click Sign On".
  3. View the SAML 2.0 Setup Instructions section and record the Single Sign-On URL, Logout URL (if needed), and Identity Provider Issuer ID by clicking on "More details".
  4. You can download the Okta Certificate here by clicking on "Actions" under SAML Signing Certificates.
  5. Enter these values into Catchpoint's SSO Settings Page.
    image.png

Assertion Mapping
To have new SSO users automatically created and assigned permission, you need to add Attribute Statements. These statements can be used by Catchpoint as key-value pairs to properly create and configure users, assign permissions, etc. in the Catchpoint portal. For information on how to dynamically populate the attribute values, please see Okta's support documentation.

Okta Advanced Settings

Setting Value
Response Signed
Assertion Signature Signed
Signature Algorithm RSA-SHA256
Digest Algorithm SHA256
Assertion Encryption Unencrypted
Enable Single Logout Optional setting
Single Logout URL (If "Enable Single Logout" is selected") https://portal.catchpoint.com/UI/Entry/SingleSignOn.aspx
SP Issuer CatchpointSystems
Authentication context class PasswordProtectedTransport
Honor Force Authentication Yes
SAML Issuer ID http://www.okta.com/${org.externalKey}