1. Login to your Okta account as a Super Admin or Application Admin, then navigate to the Administrator dashboard.

  2. Create a SAML application and enter the following information:
            

            Identified (Entity ID): https://app.emailfraudprotect.com

            Reply URL (Assertion Consumer Service URL): https://app.emailfraudprotect.com/sso/consume

            Sign on URL: https://app.emailfraudprotect.com/users/sign_in

            Relay State: <leave blank>

            Logout URL: <leave blank>

  3. The following additional attributes must be setup for the application:

    NameValue
    FirstNameuser.firstName
    LastNameuser.lastName
    Emailuser.email

  4. Download the IdP metadata file (you'll need this in a later step). Now, assign the application to whichever user(s) you intend to test with.

  5. Login to Symantec EFP, click on your user name (upper-right), then select Account settings.

  6. Navigate to Authentication > Single Sign-on, click Setup, and enter the following information:


  • IdP Metadata File: Upload the file you saved from Okta in Step 4.

  • Enable JIT Provisioning (optional): Check this option to enable Just In Time (JIT) Provisioning.

  • Provisioning Domains (for JIT): Add one or more provisioning domains.

  • Click Enable Single Sign-On.


Testing SP-initiated SSO

  1. Go to: https://app.emailfraudprotect.com/users/sign_in.

  2. Enter your Email, then click Next:

  3. Click Login with SSO. The application will now follow the SP-initiated login flow.