SAML Integration for Okta AD
Follow these steps to integrate Okta with Timus using SAML 2.0 for secure Single Sign-On (SSO).
1. Creating an Okta Application
Navigate to Applications:
Log in to your Okta admin console.
Go to Applications under the Applications tab.
Create a New Application:
Click Create App Integration.
Select SAML 2.0 as the sign-on method.
Click Next.
2. Configuring Okta Application with Timus SAML Information
App Setup:
Enter a custom name for the application under the App name.
Click Next to proceed.
SAML Settings:
Single Sign-On URL: Enter
https://auth.timuscloud.com/user/external/saml
Audience URI (SP Entity ID): Initially enter
http://okta.com
(you will modify this after generating the issuer URL).NameID Format: Select EmailAddress.
Attribute Statements:
Add firstname and lastname as attribute statements.
Finalize Setup:
Scroll down and click Next.
For quick setup, select the appropriate option and click Finish.
3. Displaying Okta Information
View SAML Details:
Click View Setup Instructions to display the Issuer, Sign-On URL, and X.509 Certificate.
You’ll use these details to configure Timus.
4. Editing Okta Application for Audience URI
Modify Audience URI:
Copy the Issuer URL and paste it into the Audience field.
Save Changes:
After updating, proceed by clicking Next and Finish to save your changes.
5. (Optional) Enabling Assertion Encryption
Enable Encryption:
Edit the SAML application in Okta.
Click Show Advanced Settings.
Configure Encryption:
Set Assertion Encryption to Encrypted.
Enter the Encryption Certificate and Signature Certificate as needed.
Finalize Encryption:
Click Next and then Finish to complete the setup.
6. Configuring Timus SAML Integration
Access Timus Manager:
Sign in to Timus Manager.
Go to Settings -> Integrations.
Manage SAML 2.0 Integration:
Click Manage under SAML 2.0.
Fill in the fields according to the mapping provided in the table below.
Okta Name Timus Equivalent Sign-On URL
Service URL
Issuer
Identifier
Signing Certificate
X.509 Certificate
Complete the Setup:
Save the configuration. Your SAML integration is now ready.
7. Assigning Users and Testing Integration
Assign Users to the Application:
In Okta, navigate to Assignments.
Click Assign and add the required users.
Test the Application:
Use a different browser or incognito mode to test the SSO process by logging in as an assigned user. After completing the configuration steps, it's important to remind users that their first login must be initiated through the application in your Identity Provider (IdP). This initial login via the application is necessary to create the user account within Timus.
Upon successful authentication, users will be redirected to Timus.
This completes the SAML configuration for Okta with Timus. Your users can now authenticate securely through Okta to access Timus applications.
Last updated