Configure Okta - SAML 2.0

Okta offers a robust integration with Mapiq for Single Sign On (SSO) using the SAML 2.0 protocol. This article provides a step-by-step guide on configuring this integration, ensuring a seamless and secure SSO experience for users.

You'll learn about the requirements, supported features, configuration steps, and claims associated with Okta's SAML 2.0 integration with Mapiq.

Supported Features

The Okta Mapiq SSO integration supports:

  • SP-Initiated SSO

  • JIT (Just-In-Time Provisioning)

For a deeper understanding of these features, refer to the Okta Glossary.

Configuration Steps

Note: Before you can start configuring SSO through Okta, make sure you have the necessary permissions in your Okta organization to install and configure applications.

  1. Install the Okta Mapiq integration through the Okta Integration Network (OIN).

  2. In the application, navigate to Sign On > Sign on methods and select "SAML 2.0".

  3. Under Sign On > Sign on methods > SAML 2.0, locate the Metadata URL in the Metadata details section and copy it.

  4. Contact Mapiq support or your designated Mapiq contact person and request SSO activation for Okta with SAML 2.0. Provide the previously copied Metadata URL and the email domains used by your users.

  5. After receiving confirmation, you can start assigning users to the application.

  6. Your users can now access Mapiq using Okta SSO. 🎉

Note: Mapiq doesn't offer a backup sign-in URL for Okta SAML integration misconfigurations. If you're locked out due to a configuration error, please contact Mapiq Support.

Claims Configuration

Required Claims

Mapiq expects specific SAML attributes, which are pre-configured in Okta.

These required attributes include:

| Attribute Name | Value | Description |
| --- | --- | --- |
| givenname | user.firstName | The user’s first name. |
| surname | user.lastName | The user’s last or family name. |
| displayname | user.displayName | The user’s full name. |
| emailaddress | user.email | The user’s email address. |

Optional Claims

There are also optional SAML claims for added functionality. These can be mapped to user properties as relevant to your organization.

These optional attributes include:

| Attribute Name | Value | Description |
| --- | --- | --- |
| jobtitle | user.jobtitle | The user’s job title (e.g. ‘senior manager’, or ‘trainee’). |
| department | user.department | The department the user is a part of (e.g. ‘finance’ or ‘IT support’). |
| businessunit | user.companyname | The business unit the user is part of (e.g. ‘company logistics’). |
| office | user.officelocation | The office where the user is based (e.g. ‘Amsterdam’ or ‘London’). |
| country | user.country | The country in which the user is based (e.g. ‘NL’ or ‘The Netherlands’). |
| externalid | user.externalid | An identifier, unique to the user, that can be leveraged in other platforms (e.g. an employee number). |
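
As an added example (not Mapiq's or Okta's own code), the Python sketch below checks a SAML assertion you captured from a test sign-in against the required and optional claims listed above and against the email domains you gave to Mapiq. The function names, the constructed sample assertion, and the rule that a URI-style attribute Name is reduced to its last path segment are assumptions; the script reads attributes only and does not verify the assertion's signature.

```python
import xml.etree.ElementTree as ET

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
REQUIRED = {"givenname", "surname", "displayname", "emailaddress"}
OPTIONAL = {"jobtitle", "department", "businessunit", "office", "country", "externalid"}

def short_name(name):
    # Assumption: for a URI-style Name, the last path segment is the claim name.
    return name.rstrip("/").rsplit("/", 1)[-1].lower()

def read_claims(assertion_xml):
    """Return {claim: [values]} collected from every AttributeStatement."""
    root = ET.fromstring(assertion_xml)
    claims = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", SAML_NS):
        values = [(v.text or "").strip() for v in attr.iterfind("saml:AttributeValue", SAML_NS)]
        claims.setdefault(short_name(attr.get("Name", "")), []).extend(values)
    return claims

def check_claims(assertion_xml, allowed_domains):
    """List problems that should be fixed before users are assigned to the app."""
    claims = read_claims(assertion_xml)
    findings = []
    for name in sorted(REQUIRED):
        if not any(claims.get(name, [])):  # absent, or present with only empty values
            findings.append(f"missing or empty required claim: {name}")
    for name in sorted(set(claims) - REQUIRED - OPTIONAL):
        findings.append(f"unexpected claim (not listed by Mapiq): {name}")
    for email in filter(None, claims.get("emailaddress", [])):
        domain = email.rpartition("@")[2].lower()
        if domain not in allowed_domains:
            findings.append(f"email domain not in the list given to Mapiq: {domain}")
    return findings

# Constructed sample: displayname is sent empty, and the email domain differs.
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
 <saml:AttributeStatement>
  <saml:Attribute Name="givenname"><saml:AttributeValue>Ada</saml:AttributeValue></saml:Attribute>
  <saml:Attribute Name="surname"><saml:AttributeValue>Jansen</saml:AttributeValue></saml:Attribute>
  <saml:Attribute Name="displayname"><saml:AttributeValue/></saml:Attribute>
  <saml:Attribute Name="emailaddress"><saml:AttributeValue>ada@corp.example</saml:AttributeValue></saml:Attribute>
  <saml:Attribute Name="office"><saml:AttributeValue>Amsterdam</saml:AttributeValue></saml:Attribute>
 </saml:AttributeStatement>
</saml:Assertion>"""

if __name__ == "__main__":
    for finding in check_claims(SAMPLE, {"example.com"}):
        print(finding)
```
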

SP-Initiated SSO

  1. Click "Sign in".

  2. Enter your company email address.

  3. Authenticate using your Okta credentials.


💬 Need More Help?

If you’d like extra assistance, reach out via the Messenger (question mark in the corner) and chat with our support team, or email us at [email protected].

We’re always ready to help! 😉
