
Okta

  1. First, go to https://$YOUR_OKTA_DOMAIN-admin.okta.com/admin/apps/add-app, then click on "Create New App".

  2. You will land on this page, where you can set the general information for your SAML app that users will see when logging in.


  3. Click "Next". You can now configure basic settings:
    • Single sign on URL field is filled with the ACS URL value from the GitGuardian dashboard.
    • Audience URI (SP Entity ID) field is filled with the SP Entity ID value from the GitGuardian dashboard.
    • Default RelayState is left blank.
    • Name ID format must be set to EmailAddress.


  4. Click on "Show Advanced Settings". Here, make sure that both Response and Assertion Signature are set to Signed, and that Signature Algorithm and Digest Algorithm are set to RSA-SHA256 and SHA256 respectively. Assertions are not encrypted.


  5. Now, some straightforward mapping needs to be done:
    • first_name is mapped to the user's first name
    • last_name is mapped to the user's last name


  6. Finish your app configuration.


  7. Finally, we need to configure the Identity Provider in the GitGuardian dashboard. First, click on "View Setup Instructions", then use these values:
    • Entity Id field is filled with the Identity Provider Issuer
    • Single Sign-On URL field is filled with the Identity Provider Single Sign-On URL
    • X509 Cert field is filled with the X.509 Certificate
