Release or Environment

Sophie standalone versions 3.4.x - 3.7.x


As a first step, log in to Sophie with an administrator account.
Go to Settings, then choose Manage Users:

In the inner menu, choose Identity Providers, then in the drop-down select SAML v2:

Fill out the Alias and Display Name fields:

Take note of the Redirect URI.

Next, create a new application on Okta. Go to Applications and click "Add Application". Choose "Web" as Platform and "SAML 2.0" as Sign on method:

Click "Create", then name your application, click "Next", and fill out the Single sign on URL with the Redirect URI noted in Sophie:

Next, add attribute mappers. At the very least, add login, email and groups mappers as follows:

Complete the wizard.
Select the "Sign On" tab and copy the link of the Identity Provider metadata:

Back in Sophie, scroll to the end of the form, then import the metadata using the Identity Provider metadata URL:

Toggle Trust Email (should be active), then click Save.

As a last step, create mappers to automatically import attributes or map them to roles.
To map an attribute to a Role (the example assigns the ROLE_ADMIN Role to all users of the group testgroup):

To import an attribute:

To determine what the username will be:

Next time you see the login screen, a new login option should appear:

That's it! You should now be able to sign in using your Okta Identity Provider.
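
An added example (not from the original article, and not Sophie or Okta code): a small Python check, run over a decoded assertion captured during a test login, that confirms the login, email and groups attributes configured in Okta actually arrive and shows whether the testgroup role mapper would match. The attribute names, the sample assertion and the exact-match group comparison are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Attributes the article asks Okta to send; the exact spelling is an assumption.
REQUIRED = ("login", "email", "groups")

# Constructed sample: the AttributeStatement of a decoded assertion.
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:AttributeStatement>
    <saml:Attribute Name="login">
      <saml:AttributeValue>jdoe@example.com</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="email">
      <saml:AttributeValue>jdoe@example.com</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="groups">
      <saml:AttributeValue>testgroup</saml:AttributeValue>
      <saml:AttributeValue>Everyone</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>
"""


def read_attributes(assertion_xml):
    """Return {attribute name: [values]} from a SAML 2.0 assertion."""
    # An assertion never needs a DTD; refuse one instead of parsing it.
    if "<!DOCTYPE" in assertion_xml or "<!ENTITY" in assertion_xml:
        raise ValueError("DTD/entity declarations are not expected in an assertion")
    root = ET.fromstring(assertion_xml)
    attrs = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", SAML_NS):
        values = [(v.text or "").strip()
                  for v in attr.iterfind("saml:AttributeValue", SAML_NS)]
        attrs.setdefault(attr.get("Name"), []).extend(values)
    return attrs


def check_mappers(assertion_xml, admin_group="testgroup"):
    """Report missing or empty attributes and whether the admin role mapper would match."""
    attrs = read_attributes(assertion_xml)
    missing = [n for n in REQUIRED if not any(attrs.get(n, []))]
    return {"missing": missing,
            "username": (attrs.get("login") or [None])[0],
            # Assumption: the role mapper compares the group name exactly.
            "grants_admin": admin_group in attrs.get("groups", [])}


if __name__ == "__main__":
    print(check_mappers(SAMPLE_ASSERTION))
```

An empty `missing` list means all three mappers have data to work with; `grants_admin` shows which test accounts would receive ROLE_ADMIN through the group mapping.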

Article Information

Last Updated: 2020-05-17 12:27:53