How to configure SSO with Okta SAML

For companies with a high volume of users or who have extensive security requirements, Single Sign-On (SSO) can make managing users easier and more streamlined. GoCanvas allows you to connect to several SSO providers, including Okta SAML.

Adding Okta SAML

1. Sign in to your Okta SAML admin console and click on Applications at the top:
   
   
   
   
2. Click Add Application:
   
   
   
   
3. Click Create New App:
   
   

A new window will appear.

1. In the Platform dropdown, select Web. For Sign on method choose SAML 2.0:
   
   
   
   
2. Click Create to confirm your selections.
3. On the next screen, name your app, upload an app logo (optional), and set your app visibility.
4. Click Next to confirm those settings.

You will be presented with a Create SAML Integration page.

1. Fill in the Single sign on URL, Audience URI (SP Entity ID), and make sure that the Name ID format, Application username fields match the screenshot below:
   
      
• Single sign on URL: https://www.gocanvas.com/saml/acs
• Select User this for Recipient URL and Destination URL
• Audience URL (SP Entity ID): https://www.gocanvas.com
• Name ID format: EmailAddress
• Application username: Email
2. Click Next and then Finish.

You’re almost finished! On the next screen, click the View Setup Instructions button:

The next page will show you the information that you need to configure SSO within GoCanvas. You’ll see the Identity Provider Single Sign-On URL, Identity Provider Issuer, and the X.509 Certificate. You will need all of these, so make sure to keep this page open.

1. Navigate to gocanvas.com and log in as an admin. 
2. Click on Account > Account Settings. 
3. Scroll to the bottom of the page and click the Settings button next to Single Sign On.
4. You will see a page like the one below:
   
   
   
   
• For the Issuer URI, enter the value in the Identity Provider Issuer field inOkta.
• For the Sign In URL, enter the value in the Identity Provider Single Sign-On URL field in Okta.
• If you need a Sign Out URL, enter the value in the Identity Provider Single Logout URL field in Okta.
5. Click Save at the bottom of the page.

You should now be able to set up and manage your GoCanvas users through Okta SAML.