Login to your Okta account as a Super Admin or Application Admin, then navigate to the Administrator dashboard.
Create a SAML application and enter the following information:
Identified (Entity ID): https://app.emailfraudprotect.com
Reply URL (Assertion Consumer Service URL): https://app.emailfraudprotect.com/sso/consume
Sign on URL: https://app.emailfraudprotect.com/users/sign_in
Relay State: <leave blank>
Logout URL: <leave blank>
The following additional attributes must be setup for the application:
Name Value FirstName user.firstName LastName user.lastName user.email
Download the IdP metadata file (you'll need this in a later step). Now, assign the application to whichever user(s) you intend to test with.
Login to Symantec EFP, click on your user name (upper-right), then select Account settings.
- Navigate to Authentication > Single Sign-on, click Setup, and enter the following information:
IdP Metadata File: Upload the file you saved from Okta in Step 4.
Enable JIT Provisioning (optional): Check this option to enable Just In Time (JIT) Provisioning.
Provisioning Domains (for JIT): Add one or more provisioning domains.
Click Enable Single Sign-On.
Testing SP-initiated SSO
Enter your Email, then click Next:
Click Login with SSO. The application will now follow the SP-initiated login flow.