To have access to SSO OKTA SAML, please contact sales through chat or [email protected]
Okta SAML 2.0 is a widely-used authentication protocol that allows users to log in to multiple applications using a single set of credentials. By using this protocol, companies can centralize their user authentication and authorization, reducing the need for multiple login credentials and streamlining the user experience. `
Additionally, Okta SAML 2.0 provides a secure way to authenticate users, ensuring that only authorized individuals can access company resources.
Using Cardynale Okta SAML 2.0 capabilities, companies can save time, improve security, and enhance their team's experience, making this integration a popular choice for many organizations.
Setting up the Okta SAML App - Step by Step Guide
Start by logging into an Okta admin account and going to the Okta Application Dashboard. Once there, click on "Create App Integration".
On the next popup, choose "SAML 2.0".
Then input the App name as "Cardynale". A logo can be added later or you can use this one.
General Settings
On the next tab titled Configure SAML, put in the following info:
Single sign-on URL:
https://dashboard.cardynale.com/__/auth/handler
Audience URI (SP Entity ID):
cardynale
Default RelayState: Just leave this field blank.
Name ID format:
EmailAddress
Application username:
Okta username
Update application username on:
Create and update
Attribute Statements
Name | Name format | Value |
Unspecified | user.email |
Correct Configure SAML Page
Once the above items are added, scroll down and click "Next".
On the final tab titled "Feedback", mark "I'm an Okta customer adding an internal app". Then click "Finish".
If you see a pane that looks like the below, don't check either box.
Feedback Tab - Continued
You are now all set to assign (provision) users to the Cardynale Okta SAML app! Users can be assigned individually or via security groups.
Note: Provisioning users via Okta won't actually create Cardynale digital business cards for each user. To create digital business cards for each user so they can log in with Okta SAML SSO to an already set up digital card.
For the final step, please send the "Metadata URL" under the "Sign On" tab to [email protected] and we will complete the SAML setup on our end. Our team will send a confirmation email response once this process is complete. To get the "Metadata URL" simply go to the "Sign On" tab and copy the url as shown below!
FAQ
How should I invite my colleague to Cardynale with SSO ?
This should be in 3 steps
1 - Provision them in the Okta app Cardynale
2 - If they do not have an account in Cardynale, invite them here : https://dashboard.cardynale.com/dashboard/user-access
3 - Even if they never created an account before, they can log in with SSO using SAML SSO or this link : https://dashboard.cardynale.com/auth/login-with-sso
Your identifier is your generally your domain, if your website is example.com you should write example.com before click on Continue with SAML SSO.
Warnings
When using SAML to authenticate your users in Cardynale there are a few considerations to keep in mind. Please make sure to read them to avoid any security issues.
Only use SAML with identity providers that validate the user's email address or in a context where you control a user's email address. When first logging in, we use the email address that the IdP passes to associate with a user. If a user can spoof their email address with your IdP, they'll be able to impersonate your users.
Our SAML integration only handles authentication. If you add or remove a user from your IdP, their account will not be added, removed or disabled from Cardynale, they might just be unable to log in (depending on your configuration).
When you enable or enforce SAML, any existing user passwords are preserved. This means if you ever want to go back (or something breaks down with your authentication), you can just stop enforcing SAML and you'll be able to log in with your existing credentials.