Copied
Docs

Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

EMPLOYEE LOGIN
  • Home
  • Getting Started
  • Annotate
  • Validate
  • API
  • Recipes
  • Tutorials
  • Integrations
    • Developer integrations
    • Security integrations

Setting up Okta on the Sama Platform

Updated at November 8th, 2023

A configured Okta integration will affect the following sections of the Sama Platform:

  1. User login and profile settings
  2. User account creation
  3. User account deactivation
  4. Teams, Roles, and Organization Memberships are still managed in Sama Platform

Configuring Okta

  1. Create a new App Integration of type SAML 2.0
  2. Chose a name of your choice
  3.  Single sign-on URL: https://login.sama.com/login/callback?connection=<client_name>
  4. Audience URI (SP Entity ID): urn:auth0:sama-prod:<client_name>
  5. Other fields can be empty/default
  6. Attribute statements: 

    email, firstName, middleName, lastName, emailVerified - email, firstName, middleName and lastName should be set to values that come from the user profile. They will ensure that the user info is synced to Sama. middleName is optional. In our internal integration, the values look like user.email, user.firstName, user.middleName, user.lastName, but for you, it might be slightly different depending on how your user profiles are set in Okta.
ATTRIBUTE STATEMENTS
Name Name Format Value
email Unspecified user.email
firstName Unspecified user.firstName
lastName Unspecified user.lastName
emailVerified Unspecified true
  1. Assign users to the newly created application
  2. After the application is created, go back to the General tab, and click edit on the SAML settings section. At the bottom of step 2, click on Preview the SAML assertion. Make sure the attributes are correctly populated. Below is an XML Example, which contains what the data looks like in Sama's example.


     
  3. Provide your Sama Engineer with the following information, obtained from the Sign On tab:
    1. Sign on URL, which should look similar to https://<compagny>.okta.com/app/<some-id>/<some-other-id>/sso/saml
    2. SAML signing certificate. The entire file is required by Sama to complete the configuration.

Logging in and managing profiles

Once Okta is configured, the user experience on the Sama Platform will change slightly.

  1. Users logs in with Okta credentials that is managed by IT.

  2. User's profile info changes is disabled; this is managed by Okta instead.


     
  3. User account password reset, 2fa, status page is disabled; this is managed by Okta instead.


     

Creating user accounts

There is no need to manually create internal Sama users in Accounts; they will be automatically created upon first successful login into the Platform.

User account deactivation

  1. By disabling users' Okta access, they will not be able to gain access to the Sama platform. See above diagram.
  2. There is no need to manually mark a user as "Inactive" in the Sama Platform; it will be automatically changed to "Inactive" after 60 days of inactivity.

Teams, Roles, Organization Memberships are still managed in the Sama Platform

Admins/Org Admins will continue to manage a user's Team, Roles, and Organization memberships in the Sama Platform.

📘 Note

Default values are given upon user creation.

 

Organization, Organization users, and Teams are still managed in the Sama Platform.
 

sama platform okta setup

Was this article helpful?

Yes
No
Give feedback about this article

The first B Corp-certified AI company

  • Security
  • Terms
  • Privacy
  • Quality & Information

Copyright © 2023 Samasource Impact Sourcing, Inc. All rights reserved.


Knowledge Base Software powered by Helpjuice

Expand