Okta SSO Configuration
Okta configuration is fairly straightforward. If Single Logout (SLO) is required, then care must be taken to get the signing certificate uploaded properly as shown below. Okta actually verifies that the logout request is signed by the specified certificate, unlike other IdPs.
Navigating to the Config
Optionally create a new app
Then
Then
General Config
The next two images have dots which show values taken from the ClinSpark UI and where they belong in the Okta configuration screens.
Here is where to find those values in ClinSpark
Select “Show Advanced Settings” (dot 3) to expose additional configurations.
Advanced Config
If SLO is required, the fields below are key. Okta verifies the signature of the logout request, and therefore needs the certificate for this verification. Here is the certificate that you need to upload in Dot 3:
In the screen below, the values for dots 1 and 2 come from the next image, taken from ClinSpark.
Here is the mapping:
Ensure these values are set:
Click Next:
Finishing
ClinSpark Configuration
Here are the key parameters required:
Canonicalization Method Algorithm | |
Authentication Context | urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport |
Name ID Format | urn:oasis:names:tc:SAML:2.0:nameid-format:transient |
Sign / Digest Algorithm | SHA256 |
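A check for the request settings in the table above, written as an added example (not ClinSpark or Okta code): it parses a SAML request and reports where the declared signature and digest algorithms, NameID format or authentication context differ from the values listed. It assumes the HTTP-POST binding with an embedded ds:Signature, runs on constructed sample requests, and inspects the declared algorithms only; it does not validate the signature cryptographically.

```python
import xml.etree.ElementTree as ET

P = "urn:oasis:names:tc:SAML:2.0:protocol"
DS = "http://www.w3.org/2000/09/xmldsig#"
NS = {"samlp": P, "saml": "urn:oasis:names:tc:SAML:2.0:assertion", "ds": DS}
NAMEID = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"  # from the table above
AUTHN_CTX = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"

def check_request(xml_text):
    """Return a list of mismatches between one SAML request and the settings above."""
    root = ET.fromstring(xml_text)
    problems = []
    sig = root.find("ds:Signature", NS)
    if sig is None:
        problems.append("request is not signed")
    else:
        for label, path in (("signature", "ds:SignedInfo/ds:SignatureMethod"),
                            ("digest", "ds:SignedInfo/ds:Reference/ds:DigestMethod")):
            el = sig.find(path, NS)
            alg = el.get("Algorithm", "") if el is not None else ""
            if not alg.lower().endswith("sha256"):
                problems.append(f"{label} algorithm is not SHA256: {alg or 'missing'}")
    if root.tag == f"{{{P}}}AuthnRequest":  # these two settings apply to login only
        policy = root.find("samlp:NameIDPolicy", NS)
        if policy is None or policy.get("Format") != NAMEID:
            problems.append("NameIDPolicy Format is not transient")
        ref = root.find("samlp:RequestedAuthnContext/saml:AuthnContextClassRef", NS)
        if ref is None or (ref.text or "").strip() != AUTHN_CTX:
            problems.append("AuthnContextClassRef is not PasswordProtectedTransport")
    return problems

# Constructed sample requests: skeleton signatures only, no real keys or tenant data.
def _sig(sig_alg, digest_alg):
    return (f'<ds:Signature xmlns:ds="{DS}"><ds:SignedInfo>'
            f'<ds:SignatureMethod Algorithm="{sig_alg}"/><ds:Reference URI="#id1">'
            f'<ds:DigestMethod Algorithm="{digest_alg}"/></ds:Reference>'
            f'</ds:SignedInfo></ds:Signature>')
SHA256 = _sig("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
              "http://www.w3.org/2001/04/xmlenc#sha256")
GOOD_LOGIN = (f'<samlp:AuthnRequest xmlns:samlp="{P}" xmlns:saml="{NS["saml"]}" ID="id1">'
              f'{SHA256}<samlp:NameIDPolicy Format="{NAMEID}"/><samlp:RequestedAuthnContext>'
              f'<saml:AuthnContextClassRef>{AUTHN_CTX}</saml:AuthnContextClassRef>'
              f'</samlp:RequestedAuthnContext></samlp:AuthnRequest>')
WEAK_LOGOUT = (f'<samlp:LogoutRequest xmlns:samlp="{P}" ID="id1">'
               f'{_sig(DS + "rsa-sha1", DS + "sha1")}</samlp:LogoutRequest>')
UNSIGNED_LOGOUT = f'<samlp:LogoutRequest xmlns:samlp="{P}" ID="id1"/>'

if __name__ == "__main__":
    for sample in (GOOD_LOGIN, WEAK_LOGOUT, UNSIGNED_LOGOUT):
        print(check_request(sample) or "matches the expected settings")
```

An unsigned or SHA1-signed LogoutRequest is the case to look for when SLO fails, since Okta verifies the logout request signature against the uploaded certificate.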