You can set up SSO on the SSO Settings page for both the Portal and the School, but you will need to create two separate applications on your IDP, because each one uses different URLs. The top section contains the Portal settings that you will paste into your IDP, and the bottom section contains the settings that you will get from your IDP.
From the Okta Admin portal, go to the Applications tab and click the green "Add Application" button.
Next, click the green "Create New App" button.
- Select "Web" from the Platform dropdown menu.
- Select the SAML 2.0 radio button.
- Click the green "Create" button.
Step 1: General Settings
Give your app a name and upload a logo of your choice. Then click on the green "Next" button.
Step 2: Configure SAML
Portal SP settings you plug into your IDP:
- ACS (Consumer) URL -> Single sign on URL
- EntityId -> Audience URI (SP Entity ID)
- Your Whitelabeled URL -> Default RelayState
- Select "emailAddress" -> Name ID format
- Select "email" -> Application username
Step 3: Feedback
Select the "I'm an Okta customer adding an internal app" radio option.
Step 4: Feedback
Your IDP settings you plug into Portal SP:
Click on the "View Setup Instructions" button to get the settings to enter in Portal.
- x.509 Certificate -> x.509 Certificate
- Identity Provider Issuer -> Issuer URL
- Leave the SLO Endpoint URL field blank
- Identity Provider Single Sign-On URL -> ACS Endpoint URL
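
The following pre-flight check is an added example, not part of the original instructions or of the Portal product. It lints the values from the steps above before you save them: HTTPS-only URLs, the Name ID and username choices, a blank SLO field, a certificate that survived copy and paste, and a distinct ACS URL for the Portal and School apps. The dictionary key names, the `example.test` hosts and the certificate bytes are constructed placeholders.

```python
import base64
import hashlib
from urllib.parse import urlsplit

# Key names are hypothetical; they mirror the fields named on this page.
HTTPS_FIELDS = ("acs_url", "relay_state", "idp_sso_url")
EXPECTED = {"name_id_format": "emailAddress", "app_username": "email", "slo_url": ""}


def cert_sha256(pem: str) -> str:
    """Return the SHA-256 fingerprint of a pasted PEM certificate, or raise ValueError."""
    body = "".join(l.strip() for l in pem.strip().splitlines() if "-----" not in l)
    der = base64.b64decode(body, validate=True)  # rejects stray characters and bad padding
    if not der.startswith(b"\x30"):  # DER certificates begin with a SEQUENCE tag
        raise ValueError("not DER-encoded certificate data")
    return hashlib.sha256(der).hexdigest()


def check_app(name: str, cfg: dict) -> list:
    problems = []
    for field in HTTPS_FIELDS:
        url = urlsplit(cfg.get(field, ""))
        if url.scheme != "https" or not url.hostname:
            problems.append(f"{name}: {field} must be an https URL")
    for field, want in EXPECTED.items():
        if cfg.get(field, "") != want:
            problems.append(f"{name}: {field} should be {want!r}")
    try:
        cert_sha256(cfg.get("idp_cert_pem", ""))
    except ValueError as exc:
        problems.append(f"{name}: certificate unusable ({exc})")
    return problems


def check_pair(portal: dict, school: dict) -> list:
    problems = check_app("portal", portal) + check_app("school", school)
    if portal.get("acs_url") == school.get("acs_url"):
        problems.append("portal and school share one ACS URL; each needs its own IDP app")
    return problems


# Constructed sample values (example.test hosts, placeholder certificate bytes).
PEM = "-----BEGIN CERTIFICATE-----\nMIIBCg==\n-----END CERTIFICATE-----"
PORTAL = {"acs_url": "https://portal.example.test/saml/acs", "relay_state": "https://portal.example.test/",
          "idp_sso_url": "https://idp.example.test/app/1/sso/saml", "name_id_format": "emailAddress",
          "app_username": "email", "slo_url": "", "idp_cert_pem": PEM}
SCHOOL = dict(PORTAL, acs_url="https://school.example.test/saml/acs", relay_state="https://school.example.test/")
if __name__ == "__main__":
    print(check_pair(PORTAL, SCHOOL) or "settings look consistent")
```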