This article describes how to set up an Okta application to create a SAML connection with Triton Digital’s authentication service in order to allow single sign-on (SSO) to Triton Digital applications.
Configuration Variable
This configuration variable is used throughout the setup procedure.
Connection name: <connection-name> = <customer-name>-saml
E.g., for the publisher Blork Media, the <connection-name> would be blork-media-saml.
This variable will be provided to you by Triton Digital.
Okta SAML Setup Procedure
Log in to your Okta admin console.
Go to Applications > Applications.
Click Create App Integration.
Select SAML 2.0 as the Sign-in method.
For the Application Label, enter Triton Digital SAML.
Set the Single Sign On, Recipient URL, and Destination URL to:
https://id.tritondigital.com/login/callback?connection=<connection-name>
…where <connection-name> is the variable described above.
Under Audience Restriction, set up the identifier as per this template:
urn:auth0:triton-digital-prod:<connection-name>
…where <connection-name> is the variable described above.
In the Name ID Format drop-down menu, select EmailAddress.
Complete the form.
Generate and download a SAML signing certificate for the new application.
Make a note of the Metadata URL.
(Optional) Assign users to the application.
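To confirm the values entered in the steps above, the following added example (not part of Triton Digital's or Okta's documentation) compares the Destination, Recipient, Audience and NameID Format of a decoded SAML Response with what the connection name implies. The function names are hypothetical and the sample response is constructed, with a deliberately wrong Audience; the check covers configuration only and does not verify the signature.

```python
import xml.etree.ElementTree as ET  # for untrusted XML, prefer a hardened parser

NS = {"p": "urn:oasis:names:tc:SAML:2.0:protocol",
      "a": "urn:oasis:names:tc:SAML:2.0:assertion"}
# URN that the "EmailAddress" Name ID Format corresponds to in SAML
EMAIL_FORMAT = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"

def expected_values(connection_name):
    """Build the values the procedure asks for from the connection name."""
    acs = f"https://id.tritondigital.com/login/callback?connection={connection_name}"
    return {"Destination": acs, "Recipient": acs,
            "Audience": f"urn:auth0:triton-digital-prod:{connection_name}",
            "NameIDFormat": EMAIL_FORMAT}

def observed_values(response_xml):
    """Pull the same four fields out of a decoded SAML Response."""
    root = ET.fromstring(response_xml)
    def attr(path, name):
        node = root.find(path, NS)
        return node.get(name) if node is not None else None
    aud = root.find(".//a:AudienceRestriction/a:Audience", NS)
    return {"Destination": root.get("Destination"),
            "Recipient": attr(".//a:SubjectConfirmationData", "Recipient"),
            "Audience": aud.text.strip() if aud is not None and aud.text else None,
            "NameIDFormat": attr(".//a:Subject/a:NameID", "Format")}

def check_response(response_xml, connection_name):
    """Return {field: (expected, observed)} for every field that does not match."""
    want, got = expected_values(connection_name), observed_values(response_xml)
    return {k: (want[k], got[k]) for k in want if want[k] != got[k]}

# Constructed sample (unsigned, trimmed); the Audience is missing the -saml suffix.
SAMPLE = """<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
  xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
  Destination="https://id.tritondigital.com/login/callback?connection=blork-media-saml">
 <saml2:Assertion><saml2:Subject>
   <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">user@blorkmedia.com</saml2:NameID>
   <saml2:SubjectConfirmation>
    <saml2:SubjectConfirmationData Recipient="https://id.tritondigital.com/login/callback?connection=blork-media-saml"/>
   </saml2:SubjectConfirmation>
  </saml2:Subject>
  <saml2:Conditions><saml2:AudienceRestriction>
   <saml2:Audience>urn:auth0:triton-digital-prod:blork-media</saml2:Audience>
  </saml2:AudienceRestriction></saml2:Conditions></saml2:Assertion>
</saml2p:Response>"""

if __name__ == "__main__":
    for field, (want, got) in check_response(SAMPLE, "blork-media-saml").items():
        print(f"{field}: expected {want!r}, got {got!r}")
```

An empty result means all four fields match the templates for the given connection name.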
Outputs to Triton Digital
The following should be provided to Triton Digital after the Okta SAML application is created:
The application’s SAML certificate.
The Metadata URL.
The email domain(s) associated with the account (e.g., @blorkmedia.com).