Okta
These instructions cover setting up SAML SSO between Okta Workforce and Watching That.
Before you begin, contact support@watchingthat.com to request your account-specific Single sign-on URL and Audience URI (SP Entity ID) — you will need these in Step 1.
Step 1: Create a New Enterprise App in Okta
Navigate to Okta and sign in.
In the Okta dashboard, select Admin in the top right corner.
In the left navigation, open the Applications dropdown and select Applications.
Select Create App Integration.
In the modal, select SAML 2.0 and select Next.
On the Create SAML Integration page, complete the General Settings fields. An App name is required. Select Next.
On the Configure SAML page, paste the Single sign-on URL and Audience URI (SP Entity ID) values that Watching That support provided into their respective fields.
Change Application username to Email.
Select Next. On the Feedback page, fill it out as you wish and select Finish.
You should now be on the Sign On tab of your new application. If not, navigate to that tab.
Scroll down to the Attribute statements section and expand Show legacy configuration.
Click Edit in the expanded section.
Under Profile attribute statements, add the following 3 rows using the Add Another button between each row:
Name | Value |
|---|---|
|
|
|
|
|
|
Click Save when done.
Step 2: Assign Users or Groups
You must assign users or groups to the enterprise app before they can use it to sign in.
In the Okta dashboard, select the Assignments tab.
Select the Assign dropdown and choose either Assign to people or Assign to groups.
Search for the user or group you want to assign.
Select Assign next to the relevant user or group.
Select Done to complete the assignment.
Step 3: Share the Metadata URL with Watching That
From the Sign On tab of your application, find the Sign on methods section.
Copy the Metadata URL.
Send this URL to support@watchingthat.com — Watching That will use it to complete the SSO setup on the platform side.