Implement SAML using Okta

Overview

QorusDocs uses the SAML protocol to manage access to the application and customer's resources. QorusDocs has been extended to support the SAML protocol for use with identity management systems like Okta.

Note: Before proceeding with the federation, read "Authenticating with Microsoft 365 vs SSO with other IdPs – QorusDocs Comparison" in the Help Center to ensure this is the best setup for your needs.

What is Okta and what is it used for?

Okta is a customizable, secure, and drop-in solution to add authentication and authorization services to your applications. Okta connects any person with any application on any device. It's an enterprise-grade, identity management service, built for the cloud, but compatible with many on-premises applications. With Okta, IT can manage any employee's access to any application or device.

What is SAML and what is it used for?

SAML is an open standard used for authentication. Based upon the Extensible Markup Language (XML) format, web applications use SAML to transfer authentication data between two parties - the identity provider (IdP) and the service provider (SP).

Configuration overview:

Follow these general steps to set up your environment to use SAML.

  1. Contact QorusDocs.
  2. Create and configure the application integration in Okta.
  3. Extract the information needed by the QorusDocs team.
  4. Test.

Prerequisites:

To perform the configuration, you will need:

  1. An Okta user that has permissions to create and configure an “application integration” within your Okta portal.

Step 1: Contact QorusDocs.

To configure SAML in Okta, you will need to consult QorusDocs, who will provide you with the following:

Single Sign on URL: provided by QorusDocs.

Audience URI: provided by QorusDocs.

Single Logout URL: provided by QorusDocs.

SP Issuer: provided by QorusDocs.

Signing Certificate: provided by QorusDocs.

Step 2: Create and configure the application integration in Okta.

Create the app integration

Sign in to the Okta portal.

Select the “Applications” drop-down, and then select “Applications”.

To add a new application, select “Create App Integration”.

Click on the "SAML 2.0" radio button.

Click "Next".

Name the application integration, for example "QorusDocs SAML".

Click "Next".

Copy and paste in the "Single sign on URL" provided by QorusDocs.

Copy and paste in the "Audience URI" provided by QorusDocs.

Click on "Show Advanced Settings".

Click on the check box "Allow Application to initiate Single Logout".

Enter the "Single Logout URL" that was provided by QorusDocs.

Enter the "SP Issuer" value provided by QorusDocs.

Click on "Browse" and select the signing certificate. The certificate can be created from the metadata URL or it can be provided by QorusDocs.

Set the Attributes:

Generic attributes are shown below; adjust them according to your environment.

[Screenshot: generic attribute statements]

Click "Next".

Click "Finish".

Click on "Assignments".

Click on the "Assign" drop-down, select the relevant option, and assign the desired users or groups.

Step 3: Extract the information needed by the QorusDocs team.

The newly created SAML application should still be open. On the General tab, scroll down and send a copy of the following to your QorusDocs contact:

[Screenshot of the General tab]

Click on the "Sign on" tab.

Click on the blue "Identity Provider metadata" link.

Copy the URL from the new tab that opened:

Example: https://dev-XXXXX.okta.com/app/XXXXXXXXXX/sso/saml/metadata

Also send the email address of the Primary Admin for the QorusDocs Hub. This user will be the Primary Admin user within the QorusDocs Hub; in most cases this is the technical resource setting up the integration.

This information can be sent securely via the method that best suits your company standards. Send it to the QorusDocs employee assisting you with the initial setup.

Step 4: Test.

Your technical resource can now log in and ensure that everything works as expected.
