Skip to main content
Sign in

Cloud Streaming - Okta SAML V2 Setup Guide

Ryan Barnes
  • Updated

For detailed information regarding Okta SAML setup within Okta's application, please refer to the following guide: 

Create a SAML integration using AIW | Okta


Use the SAML Service Provider Metadata XML file provided by Swank to import our configuration into your SAML Provider. You can download the file here.

 

Step 1 – Configure Okta SAML integration

Please find examples below of successful Okta SAML settings. Please treat these settings as a starting template. The URLs listed are specific and accurate. The other values in these settings may vary by application. 

Before you create a new SAML integration in Okta:

  • Determine the default Assertion Consumer Service (ACS) URL for your integration. This is often referred to as the SP sign-in URL. This is the endpoint on your application where the SAML responses are posted.
  • Find your Audience URI. This is sometimes referred to as the SP Entity ID or the Entity ID of your application
  • (Optional). Set up a Default Relay State page, where users land after they successfully sign in to the SP using SAML. This must be a valid URL.
    • Leave this blank

  • Gather any required SAML attributes. You can choose to share Okta user profile field values as SAML attributes with your application.
    • You will need to determine your defining attribute(s) to grant user permissions upon signing in. Then map those attributes to the appropriate Roles within the Swank Admin portal

Please refer to the settings below: 

Single Sign On URL https://digitalcampus.swankmp.net/saml/ReceiveSingleSignOn
Recipient URL https://digitalcampus.swankmp.net/saml/ReceiveSingleSignOn
Destination URL https://digitalcampus.swankmp.net/saml/ReceiveSingleSignOn
Audience Restriction https://digitalcampus.swankmp.net
Default Relay State  
Name ID Format EmailAddress (this may vary for your specific application)
Response Signed
Assertion Signature Signed
Signature Algorithm RSA_SH256
Digest Algorithm

SHA256
Assertion Encryption

Unencrypted
SAML Single Logout

Disabled
authnContextClassRef

PasswordProtectedTransport
Honor Force Authentication

Yes

None (Disabled)
SAML Issuer ID

http://www.okta.com/$(org.externalKey)

 Attribute may vary by application. 

mceclip0.png

Another example:

Screenshot 2024-06-18 at 1.44.48 PM.png

We strongly recommend using the following standardized names for these attributes:

urn:oid:2.5.4.42 > user.firstName
urn:oid:2.5.4.4 > user.lastName
urn:oid:0.9.2342.19200300.100.1.3 > user.email

Please refer to the images above as an example.  Using the standard urn:oid: attribute names will allow us to recognize this information and automatically populate the account details for any Instructor and Admin level accounts.

Step 2 – Configure Digital Campus SAML Authentication

  1. Refer to the following article to continue setup in the Swank Cloud Streaming Admin:
    Configuring Swank Cloud Streaming SAML Authentication

 

Related articles

Comments

0 comments

Article is closed for comments.

Powered by Zendesk