Create App Integration -> SAML 2.0
- Page 1: Name the app as you like; enable the "do not display" options, because Valohai doesn't currently support IdP-initiated login
- Page 2: Single sign-on URL: the ACS URL from above
- Page 2: Audience URI (SP Entity ID): the Entity ID from above
- Page 2: Name ID format: Persistent
- Page 2: Attribute statements:
  - urn:oid:2.5.4.42 / format: URI / user.firstName
  - urn:oid:2.5.4.4 / format: URI / user.lastName
  - urn:oid:1.2.840.113549.1.9.1 / format: URI / user.email
  - (you might include other attributes here, such as teams or other attributes that can be used to map the user to different permissions and teams)
- Page 3: "I'm an Okta customer adding an internal app", then "This is an internal app that we have created"
After the app is created, find the "Identity Provider metadata is available if this application supports dynamic configuration." link and copy the metadata URL.
You'll need to share it with your Valohai Success Manager so they can configure the login for your organization on app.valohai.com.
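Before sharing the metadata URL, you can check that an assertion issued by the new app carries what the settings above specify. The following is an added example, not code from Valohai or Okta: the function names, the audience placeholder and the sample assertion are constructed, and it inspects content only, without verifying the XML signature.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
URI_FORMAT = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
PERSISTENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
AUDIENCE = "https://sp.example.invalid/entity-id"  # constructed placeholder for the Entity ID
REQUIRED = {  # the three attribute statements (givenName, sn, emailAddress OIDs)
    "urn:oid:2.5.4.42": "first name",
    "urn:oid:2.5.4.4": "last name",
    "urn:oid:1.2.840.113549.1.9.1": "email",
}

def check_assertion(xml_text, expected_audience):
    """Return a list of problems; an empty list means the assertion matches the settings.

    Only use this on an assertion you captured from your own test login."""
    root = ET.fromstring(xml_text)
    problems = []
    name_id = root.find(".//saml:Subject/saml:NameID", NS)
    if name_id is None or name_id.get("Format") != PERSISTENT:
        problems.append("NameID format is not persistent")
    audiences = [a.text for a in root.findall(".//saml:Audience", NS)]
    if expected_audience not in audiences:
        problems.append("audience does not match the SP Entity ID")
    seen = {}
    for attr in root.findall(".//saml:AttributeStatement/saml:Attribute", NS):
        values = [v.text for v in attr.findall("saml:AttributeValue", NS) if v.text]
        seen[attr.get("Name")] = (attr.get("NameFormat"), values)
    for oid, label in REQUIRED.items():
        if oid not in seen:
            problems.append(f"missing {label} attribute ({oid})")
        elif seen[oid][0] != URI_FORMAT:
            problems.append(f"{label} attribute is not in URI format")
        elif not seen[oid][1]:
            problems.append(f"{label} attribute has no value")
    return problems

def sample_assertion(attrs, nameid_format=PERSISTENT, audience=AUDIENCE):
    """Build a constructed, unsigned assertion for exercising check_assertion."""
    body = "".join(
        f'<saml:Attribute Name="{n}" NameFormat="{f}">'
        f'<saml:AttributeValue>{v}</saml:AttributeValue></saml:Attribute>'
        for n, v, f in attrs)
    return (f'<saml:Assertion xmlns:saml="{NS["saml"]}"><saml:Subject>'
            f'<saml:NameID Format="{nameid_format}">constructed-id</saml:NameID></saml:Subject>'
            f'<saml:Conditions><saml:AudienceRestriction><saml:Audience>{audience}'
            f'</saml:Audience></saml:AudienceRestriction></saml:Conditions>'
            f'<saml:AttributeStatement>{body}</saml:AttributeStatement></saml:Assertion>')
```

An empty result means the Name ID format, audience and three attributes are all present as configured; any other result names the setting to revisit on Page 2.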