Integrating Okta SSO with the Video Platform allows users to log in to the Video Platform with their Okta accounts.
Adding the Video Platform to Okta as an Application
The first step is to register YuJa as an Application in Okta.
- Login to Okta with an Admin account, then click Admin from the top right.
- Under Shortcuts, click Add Applications.
- Choose the option to Create New App. Select Web as the Platform and SAML 2.0 as the Sign On Method, then hit Create.
- Type in YuJa for App Name then click Next.
- Enter the Single Sign On URL and the Audience URI, the rest can be left as default. Sample entries are shown above.
Single sign on URL: https://<YOUR_ORGANIZATION>.yuja.com/D/SamlReceiveResponse
Audience URI (SP Entity ID): https://<YOUR_ORGANIZATION>.yuja.com - Scroll down to Attribute Statements and add these attributes, then click Next at the bottom of the page.
Name: Email, Name format: Unspecified, Value: user.email
Name: FirstName, Name format: Unspecified, Value: user.firstName
Name: LastName, Name format: Unspecified, Value: user.lastName
Name: Role, Name format: Unspecified, Value: user.title - On the following page, make sure to check these two below options and click Finish.
Are you a customer or partner? I’m an Okta customer adding an internal app.
App type: This is an internal app that we have created. - Click Assignments tab, add new users into YuJa by choosing either Assign to People or Assign to Group. The YuJa app will now be available within the user’s Okta portal.
Obtaining Okta’s IdP URL and Certificate Fingerprint
The next step will be obtaining the IdP URL and Fingerprint Certificate from Okta.
- Login to Okta’s Admin portal, then click on Applications.
- Choose YuJa from the Applications list, then navigate to Sign On tab and click View Setup Instructions.
- Copy down the Identity Provider Single Sign-On URL and X.509 Certificate for later uses.
- Go to this website and paste in the X.509 Certificate, including the BEGIN CERTIFICATE and END CERTIFICATE parts, then click Calculate Fingerprint.
- Copy down the Formatted Fingerprint for later uses.
Integrating Okta into the Platform
The last step will be integrating Okta into the Video Platform.
- Login to the Platform as an Administrator and go to the Admin Panel.
- From the left side Navigation menu, click Integrations then choose SSO – ADFS (SAML) from the Select an API to Configure dropdown list.
- Fill in all the required information as follows.
ADFS SSO URL: Obtained in Section 2, step 3.
Name ID Format: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
ADFS Signing Certificate Fingerprint: Obtained in Section 2, step 5.
Given Name Attribute: FirstName
Family Name Attribute: LastName
Email Attribute: Email
Role Attribute: Role - Click Save to confirm the changes, or click Test SAML Login to ensure everything is working correctly.
- Click Activate to enable Single Sign-On for the Organization. From the Organization’s Enterprise Tube page, Single Sign-On will now be available as a Login option.