Okta’s single sign-on solution can quickly connect to third-party services including Jotform. To get started you must enable Single Sign-On in your Jotform Enterprise server. You also need an Okta account with admin permissions.
Configuring Okta
Before starting, note that enabling SAML disables the integrated app’s regular sign-in page. Your users can log in to your server only through Okta. Furthermore, backup sign-in URLs where users can sign in using their regular username and password are not supported in Jotform Enterprise. You can contact Jotform Enterprise support to turn off SAML if necessary.
The Jotform Enterprise SAML integration currently supports the following features:
- SP-initiated SSO
- IdP-initiated SSO
- Just in Time (JIT) provisioning
To create an Okta SAML application
- Log in to your Okta admin account and go to the Admin page.
![The Admin button in Okta](https://jotform.claystructures.co/blog/wp-content/uploads/2022/07/okta-admin-button-min.png)
- Go to Applications on the left, then select Create Add Integration.
![Steps to create an app integration in Okta](https://jotform.claystructures.co/blog/wp-content/uploads/2022/07/okta-create-app-integration-min.png)
- In the Create a new app integration dialog, select SAML 2.0, then click Next.
![Steps to create a SAML 2](https://jotform.claystructures.co/blog/wp-content/uploads/2022/07/okta-create-saml-integration-min.png)
- Enter your desired App name, then select Next.
![Steps to configure SAML in Okta](https://jotform.claystructures.co/blog/wp-content/uploads/2022/07/okta-integration-app-name-min.png)
- Enter your Service Provider Metadata links in the following fields:
![Steps to configure SAML in Okta](https://jotform.claystructures.co/blog/wp-content/uploads/2022/07/okta-integration-saml-settings-min.png)
- Single sign on URL — Use your Jotform Assertion Consumer Service URL
(e.g., https://example.jotform.com/sso/?acs). - Audience URI (SP Entity ID) — Use your Jotform Entity ID
(e.g., https://example.jotform.com/sso/metadata.php).
- Scroll down to the bottom and select Next, then complete the rest of the integration process.
- On your app’s overview page, scroll down to SAML Setup and select View SAML setup instructions.
![Guide to view the SAML setup instructions in Okta](https://jotform.claystructures.co/blog/wp-content/uploads/2022/07/okta-view-saml-setup-instructions-min.png)
- Copy your SAML app’s details.
![SAML app's details in Okta](https://jotform.claystructures.co/blog/wp-content/uploads/2022/07/okta-sso-idp-metadata-min.png)
The following details from Okta will be used to configure the Identity Provider Metadata settings in your Jotform Enterprise server:
- Identity Provider Single Sign-On URL
- Identity Provider Issuer
- X.509 Certificate
- Go to your Jotform SSO settings page and enter the details in the Identity Provider Metadata fields.
![The identity provider metadata configuration in Jotform](https://jotform.claystructures.co/blog/wp-content/uploads/2022/07/enterprise-admin-console-settings-sso-identity-provider-min.png)
The value to use for each field is as follows:
- Entity ID — Use your Okta Identity Provider Issuer.
- SSO URL — Use your Okta Identity Provider Single Sign-On URL.
- Certificate — Use your Okta X.509 Certificate.
- When finished, save and test your configuration in Jotform.
The following SAML attributes and more are supported:
Name | Value |
---|---|
user.email | |
name | user.name |
surname | user.surname |
You can add more and manage the claims from the Jotform Enterprise admin dashboard. SP-initiated flows trigger when the user hits an authentication-required route.
Send Comment: