...

Go to your Okta developer account, and navigate to Applications > Create App Integration.

Figure 1: Okta Developer Dashboard - Creating App Integration

Choose SAML 2.0.

Figure 2: App Integration - SAML 2.0

...

Change the Name ID format to EmailAddress.

Figure 5: SAML Setting (General)

...

Scroll down to Attribute Statements (optional) and fill in the attribute mappings. The mappings are needed to identify the users that will be logging in.

Figure 6: Attribute Statements

| Name | Value |
|---|---|
| firstName | user.firstName |
| lastName | user.lastName |
| email | user.email |

Complete the rest of the steps by clicking on Next and Finish. You may choose "I'm an Okta customer adding an internal app" for testing purposes.

...

Edit the app integration that we have just created on Okta.

Figure 7: Obtaining Metadata

...

Copy the Metadata URL and open it in a new window. Copy the entire content.

Figure 8: Metadata

...

Scroll down to the SHA-2 certificate and download it.

Figure 9: Download Certificate

Figure 10: Okta Certificate


6. Add users to App Integration

We will need to assign user(s) to the app. Navigate to Applications > Assignments > Assign.

Figure 14: Assign Users to App

Once assigned, the selected users are able to SSO into Joget using their identity in Okta.

We are done setting up the OKTA Developer Account and have obtained the required items, such as the IDP Metadata and Certificate. We will now proceed to set up this plugin in Joget.

Plugin Setup

Upon clicking on the blue login button, the user will be redirected to Okta.

...

Source Code and Plugin Download

...

1. Obtain the plugin source and jar file from https://github.com/jogetoss/sp-saml-directory-manager

...

2. ... Upload the plugin ... jar file in Joget by ... going to Settings ... Manage Plugins

...

Sample Setup using OKTA

Sample Screen Flow using OKTA As Provider

...

3. Once the plugin is uploaded, go to Settings → Directory Manager Settings and choose

Figure 1: Joget Login screen

Figure 2: Login Page using Okta IDP

Upon successfully logging in to Okta with your registered email, you will be redirected back to Joget.

Create App Integration

Figure 3: Okta Developer Dashboard - Creating App Integration

Figure 4: App Integration - SAML 2.0
In Joget, navigate to System Settings > Directory Manager Settings and select the SAML Service Provider Directory Manager, as seen in Figure 7.

Figure 7: Select Plugin

Once selected, you should be directed to the next screen in Figure 8. If not, please click on Configure Plugin.

Figure 8: Plugin Configuration

Copy the Entity ID. 

Go back to the Okta page and paste the value into:

  • Single sign-on URL
  • Audience URI (SP Entity ID)

Paste the content into Metadata in Joget.

Figure 11: Paste Metadata into Joget SAML Plugin

11: Select Plugin


Open the certificate with your text editor, copy the value, and paste it into Joget.

Figure 12: Paste the Cert Content


Paste the content into the Metadata field of the Joget SAML plugin.

Figure 13: Paste Metadata
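
A check that can be run before pasting the two values, as an added example that is not part of the original page or the plugin's code: it confirms that the downloaded certificate is one of the keys listed in the IdP metadata, that the metadata lists the emailAddress Name ID format chosen earlier, and that the SSO endpoint uses HTTPS. The metadata, certificate bytes and URLs are constructed placeholders, and the check assumes the metadata advertises the Name ID format.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
DS = "http://www.w3.org/2000/09/xmldsig#"
NS = {"md": MD, "ds": DS}
EMAIL_FORMAT = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"

# Constructed stand-in for certificate bytes (not a real X.509 certificate).
FAKE_B64 = base64.b64encode(b"constructed-sample-certificate-bytes").decode()
# Constructed metadata; entityID and Location are placeholder values.
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="{MD}" xmlns:ds="{DS}"
    entityID="http://idp.example.test/placeholder">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>{FAKE_B64}</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:NameIDFormat>{EMAIL_FORMAT}</md:NameIDFormat>
    <md:SingleSignOnService Location="https://idp.example.test/sso/saml"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""
SAMPLE_PEM = f"-----BEGIN CERTIFICATE-----\n{FAKE_B64}\n-----END CERTIFICATE-----\n"

def fingerprint(b64_text):
    # SHA-256 over the decoded certificate bytes; line breaks are ignored.
    return hashlib.sha256(base64.b64decode("".join(b64_text.split()))).hexdigest()

def pem_body(pem):
    # Drop the BEGIN/END armour lines of a PEM file.
    return "".join(l for l in pem.splitlines() if not l.startswith("-----"))

def check_idp_config(metadata_xml, pem):
    # Returns a list of problems; an empty list means the pasted values agree.
    root = ET.fromstring(metadata_xml)
    problems = []
    certs = {fingerprint(c.text) for c in root.findall(".//ds:X509Certificate", NS) if c.text}
    if fingerprint(pem_body(pem)) not in certs:
        problems.append("pasted certificate is not a key listed in the metadata")
    formats = {f.text.strip() for f in root.findall(".//md:NameIDFormat", NS) if f.text}
    if EMAIL_FORMAT not in formats:
        problems.append("metadata does not advertise the emailAddress NameID format")
    for sso in root.findall(".//md:SingleSignOnService", NS):
        if not sso.get("Location", "").startswith("https://"):
            problems.append("SSO endpoint is not HTTPS: " + sso.get("Location", ""))
    return problems
```

Metadata fetched from anywhere other than your own Okta tenant should be parsed with a hardened XML parser rather than the standard library one used here.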

Info: User Provisioning

You may want to check User Provisioning Enabled so that, the first time a user signs in to Joget through SSO, a user account is created in Joget and the user can continue to log in to Joget.


Configure the User Attributes.

Figure 14: Configure User Attributes

Configure User Attributes based on the mappings below.

| Name | Value |
|---|---|
| First Name Attribute | firstName |
| Last Name Attribute | lastName |
| Email Attribute | email |

The "Value" here corresponds to the "Name" column that we declared in Figure 6 earlier.

Configure the Login Button. This login button will be shown on the Joget login screen to enable users to perform Single Sign On (SSO) using OKTA.


Figure 15: Configure Login Button

Up to this point, we have successfully created app integration in Okta and configured the SAML Service Provider Directory Manager plugin in Joget.

No users from Okta are able to log in using this mechanism yet. Continue to read on.

Add Users to App Integration

We will need to assign user(s) to the app. Navigate to Applications > Assignments > Assign.

Figure 14: Assign Users to App

...


To log in using this plugin, you have to log out of Joget. On the Joget login page, you will see the following login screen with the login button to perform SSO using OKTA.

Info: Login Screen

The login screen may differ from the one shown below depending on the App Center, but the login button will be shown.


Figure 16: Joget Login screen


Upon clicking on the blue login button, the user will be redirected to Okta.

Upon successfully logging in to Okta with your registered email, you will be redirected back to Joget and will be logged in.


Source Code and Plugin Download

  1. Please visit https://github.com/jogetoss/sp-saml-directory-manager for the plugin's source code.
  2. You can find the latest release at https://github.com/jogetoss/sp-saml-directory-manager/releases.
  3. Upload the plugin to your Joget by navigating to Settings > Manage Plugins > Upload Plugin as admin.