Info |
---|
Please note that Third Light does not provide support for setting up products from other vendors and offers these instructions on an example basis only. |
Chorus SAML2 Settings page
Settings: Admin > Site > SAML2
- Enable SAML2 Single Sign-On
- Choose Load IdP Metadata from URL or Load IdP Metadata from XML. You can get the correct settings from the Okta documentation, e.g. https://developer.okta.com/docs/guides/saml-application-setup/config-saml-in-app/
- Save SAML2 Settings
Make a note of the SP Entity ID, SP Metadata URL and ACS URL values, as they are needed for the Okta configuration.
Okta 'SAML Settings' page
Tip |
---|
You can obtain the SP Metadata URL and SP Entity ID from the Admin > Site > SAML2 page. |
Setting | Value |
---|---|
Single Sign On URL | Enter the Chorus SP ACS URL, e.g. https://<your.chorus.site>/samlconsume.tlx/<012345678>/module.php/saml/sp/saml2-acs.php/samlauth |
Recipient URL | As per Single Sign On URL |
Destination URL | As per Single Sign On URL |
Audience Restriction/URI | Enter the Chorus SP Entity ID exactly as it appears on the Chorus configuration page. This is an ID string, not an accessible URL. |
Default Relay State | For IdP-initiated SSO (where you log in to the IdP first, then the SP, e.g. via an intranet portal), add the IdP SSO URL |
Name ID format | Persistent |
Response | Signed |
Assertion Signature | Signed |
Signature Algorithm | RSA_SHA256 |
Digest Algorithm | SHA256 |
Assertion Encryption | Unencrypted |
SAML Single Logout | Disabled |
authnContextClassRef | PasswordProtectedTransport |
Honor Force Authentication | YES |
SAML Issuer ID | http://www.okta.com/${org.externalKey} |
Attribute Statements
Name | Name Format | Value |
---|---|---|
commonName | Basic | String.removeSpaces(user.firstName + "." + user.lastName) |
name | Basic | user.firstName + " " + user.lastName |
emailaddress | Basic | user.email |
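
Before go-live, a captured SAML response can be compared against the settings in the tables above. The following is an added example, not Third Light or Okta code: it checks the structure of a response (Destination, Recipient, Audience, NameID format, algorithms, context class, attribute names) and does not verify any signature cryptographically. The host name, SP Entity ID and sample response are constructed placeholders.

```python
import xml.etree.ElementTree as ET

NS = {"p": "urn:oasis:names:tc:SAML:2.0:protocol",
      "a": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
ACS = "https://chorus.example.test/samlconsume.tlx/012345678/module.php/saml/sp/saml2-acs.php/samlauth"  # placeholder ACS URL
ENTITY_ID = "chorus-sp-entity-id-placeholder"  # placeholder SP Entity ID
RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"
PERSISTENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
PPT = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
ATTRS = {"commonName", "name", "emailaddress"}

def check_response(xml_text, acs=ACS, entity_id=ENTITY_ID):
    """Return a list of settings mismatches. Structural only: no signature is verified."""
    root = ET.fromstring(xml_text)  # parse a capture you trust; untrusted XML needs a hardened parser
    issues = []
    def want(label, got, exp):
        if got != exp:
            issues.append(f"{label}: got {got!r}, expected {exp!r}")
    asr = root.find("a:Assertion", NS)
    if asr is None:  # Assertion Encryption should be "Unencrypted"
        return ["no plaintext Assertion (encrypted or missing)"]
    want("Destination", root.get("Destination"), acs)
    want("Response signed", root.find("ds:Signature", NS) is not None, True)
    want("Assertion signed", asr.find("ds:Signature", NS) is not None, True)
    for tag, exp in (("SignatureMethod", RSA_SHA256), ("DigestMethod", SHA256)):
        for el in root.iter("{%s}%s" % (NS["ds"], tag)):
            want(tag, el.get("Algorithm"), exp)
    nameid = asr.find("a:Subject/a:NameID", NS)
    want("NameID Format", None if nameid is None else nameid.get("Format"), PERSISTENT)
    scd = asr.find("a:Subject/a:SubjectConfirmation/a:SubjectConfirmationData", NS)
    want("Recipient", None if scd is None else scd.get("Recipient"), acs)
    want("Audience", asr.findtext("a:Conditions/a:AudienceRestriction/a:Audience", None, NS), entity_id)
    want("AuthnContextClassRef", asr.findtext("a:AuthnStatement/a:AuthnContext/a:AuthnContextClassRef", None, NS), PPT)
    names = {a.get("Name") for a in asr.iterfind("a:AttributeStatement/a:Attribute", NS)}
    want("Missing attributes", sorted(ATTRS - names), [])
    return issues

# Constructed, trimmed sample response: the signature elements are empty skeletons, not real signatures.
SIG = (f'<ds:Signature><ds:SignedInfo><ds:SignatureMethod Algorithm="{RSA_SHA256}"/>'
       f'<ds:Reference><ds:DigestMethod Algorithm="{SHA256}"/></ds:Reference></ds:SignedInfo></ds:Signature>')
SAMPLE = (f'<p:Response xmlns:p="{NS["p"]}" xmlns:a="{NS["a"]}" xmlns:ds="{NS["ds"]}" Destination="{ACS}">{SIG}'
          f'<a:Assertion>{SIG}<a:Subject><a:NameID Format="{PERSISTENT}">constructed-id</a:NameID>'
          f'<a:SubjectConfirmation><a:SubjectConfirmationData Recipient="{ACS}"/></a:SubjectConfirmation></a:Subject>'
          f'<a:Conditions><a:AudienceRestriction><a:Audience>{ENTITY_ID}</a:Audience></a:AudienceRestriction></a:Conditions>'
          f'<a:AuthnStatement><a:AuthnContext><a:AuthnContextClassRef>{PPT}</a:AuthnContextClassRef></a:AuthnContext></a:AuthnStatement>'
          '<a:AttributeStatement>' + "".join(f'<a:Attribute Name="{n}"/>' for n in sorted(ATTRS))
          + '</a:AttributeStatement></a:Assertion></p:Response>')
```

Calling `check_response(SAMPLE)` returns an empty list; pass your own ACS URL and SP Entity ID as `acs` and `entity_id` when checking a response captured from a test login.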