Create a SAML integration using AIW


SAML integrations use Federated Authentication standards to give end users one-click access to your SAML app. The AIW generates the XML needed for the SAML request.

SAML: An acronym for Security Assertion Markup Language, SAML is an XML-based standard for exchanging authentication and authorization data between an identity provider (IdP) and a service provider (SP). The SAML standard addresses issues unique to the single sign-on (SSO) solution, and defines three roles: the end user, the IdP, and the SP. Here's how SAML works through Okta:

  • SP-initiated flow: the end user requests (principally through a browser) a service from the SP. The SP requests and obtains an identity assertion from the IdP (in this case, Okta). On the basis of this assertion, the SP can decide whether or not to authorize or authenticate the service for the end user.
  • IdP-initiated flow: with Okta as the IdP, an end user goes to the Okta browser and clicks on an app, sending a SAMLResponse to the configured SP. A session is established with the SP, and the end user is authenticated.

Authentication: Authentication is distinct from authorization, which is the process of giving individuals access to system objects based on their identity. Authentication merely ensures that the individual is who he or she claims to be, but says nothing about the access rights of the individual. Authentication methods and protocols include direct auth, delegated auth, SAML, SWA, WS-Fed, and OpenID Connect.

End users: End users are people in your org without administrative control. They can authenticate into apps from the icons on their My Applications home page, but they are provisioned, deprovisioned, assigned, and managed by admins.

App: An abbreviation of application. Essentially, it is a web-based site used to perform any number of specific tasks, and requires authentication from end users by signing in.

Before you begin

Task 1: Launch the Wizard

  1. Verify that you are using the Admin Console. If you are using the Developer Console, you need to switch over to the Admin Console. If you see < > Developer Console in the top left corner of your console, click it, then click Classic UI to switch. (Admin is an abbreviation of administrator: the individuals who have access to the Okta Administrator Dashboard. They control the provisioning and deprovisioning of end users, the assigning of apps, the resetting of passwords, and the overall end user experience. Only administrators have the Administration button on the upper right side of the My Applications page.)
  2. In the Admin Console, go to Applications > Applications.
  3. Click Add Application.
  4. Click Create New App.
  5. To create a SAML integration, select Web as the Platform and SAML 2.0 for the Sign on method.
  6. Click Create.

Task 2: Configure general settings

  • App name — Specify a name identifier for your integration.
    Note: The name can only consist of UTF-8, 3-byte characters.

  • Optional. App logo — Add a logo to accompany your integration in the Okta org (the Okta container that represents a real-world organization). The logo must be a .png, .jpg, or .gif file and have dimensions of less than 1400 by 400 pixels. It also must be smaller than 100 kilobytes in size.
  • App visibility — Choose whether to hide your integration from your end users' homepage. Choose whether to hide your integration from the Okta Mobile Apps Store on your end users' devices.

Task 3: Configure SAML settings

A SAML 2.0 configuration requires a combination of information from both your org and the target app. For help completing each field, use your app-specific documentation and the Okta tool tips.
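The SP-side values entered in this task are the ones the SP has to enforce when an assertion arrives. The following added example (not part of the Okta documentation) shows those checks in Python; the URLs, the sample assertion and the function names are constructed assumptions, and it assumes the XML signature has already been verified by a SAML library.

```python
import xml.etree.ElementTree as ET
from datetime import datetime

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Constructed values (assumptions): what this SP expects, matching the IdP-side settings.
EXPECTED_AUDIENCE = "https://sp.example.com/saml/metadata"
EXPECTED_ACS_URL = "https://sp.example.com/saml/acs"

# Constructed sample assertion, trimmed to the elements checked below.
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Subject>
    <saml:NameID>alice@example.com</saml:NameID>
    <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
      <saml:SubjectConfirmationData Recipient="https://sp.example.com/saml/acs"
          NotOnOrAfter="2024-01-01T12:05:00Z"/>
    </saml:SubjectConfirmation>
  </saml:Subject>
  <saml:Conditions NotBefore="2024-01-01T11:55:00Z" NotOnOrAfter="2024-01-01T12:05:00Z">
    <saml:AudienceRestriction>
      <saml:Audience>https://sp.example.com/saml/metadata</saml:Audience>
    </saml:AudienceRestriction>
  </saml:Conditions>
</saml:Assertion>"""

def _ts(value):
    # SAML timestamps are UTC with a trailing Z, optionally with milliseconds.
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def check_assertion(xml_text, now, audience=EXPECTED_AUDIENCE, acs_url=EXPECTED_ACS_URL):
    """Return rejection reasons for an assertion; [] means accept. `now` is tz-aware."""
    root = ET.fromstring(xml_text)
    cond = root.find("saml:Conditions", NS)
    scd = root.find(".//saml:SubjectConfirmationData", NS)
    if cond is None or scd is None:
        return ["missing Conditions or SubjectConfirmationData"]
    problems = []
    if audience not in [a.text for a in cond.findall(".//saml:Audience", NS)]:
        problems.append("audience mismatch")      # issued for a different SP
    if scd.get("Recipient") != acs_url:
        problems.append("recipient mismatch")     # addressed to a different endpoint
    not_before = cond.get("NotBefore")
    if not_before and now < _ts(not_before):
        problems.append("not yet valid")
    expiries = [cond.get("NotOnOrAfter"), scd.get("NotOnOrAfter")]
    if None in expiries or any(now >= _ts(e) for e in expiries):
        problems.append("expired or missing NotOnOrAfter")
    return problems
```

An assertion that passes signature verification but fails any of these checks was issued for another SP, another endpoint, or another time window and should be rejected.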

Task 4: Configure feedback

If you are an Okta customer adding an integration that is intended for internal use only:

  • Select I'm an Okta customer adding an internal app
  • Click the check box for This is an internal app that we have created or, if your app requires additional SAML configuration instructions to work with Okta, click the check box for It's required to contact the vendor to enable SAML. Fill in the provided fields to help the Okta support team understand your SAML configuration.
  • Click Finish. Your integration is created in your Okta org.
  • The Settings page for your integration appears, where you can modify any of the parameters and assign your integration to users.

ISV is an acronym for independent software vendor. Okta partners with various ISVs (usually producing enterprise applications) to integrate on-premises, in the cloud, or native-to-mobile devices with Okta. If you are an ISV that wants to add your integration to the Okta Integration Network (OIN):

  • Select I'm a software vendor. I'd like to integrate my app with Okta.
  • Click Finish. Your integration is created in your Okta org.
  • The Settings page for your integration appears, where you can modify any of the parameters and assign your integration to users.
  • After you are satisfied that all settings are correct and you have completed your preliminary testing, click Submit your app for review. This opens the OIN manager site and begins the OIN submission process.

Next steps
