Skip to main content

Uniphore Customer Portal

Example SAML Configuration for Okta Platform

When the customer utilizes the external identity provider (IdP) Okta for SAML authentication, the customer's Okta administrator must use the following configuration for the relevant Okta account in order to authenticate users and grant them access to Uniphore applications accessed via Auth0.

Note

For information on how to map this configuration in X-Console SAML authentication settings, click here.

Create the Okta Integration

  1. Login to Okta Admin Console and go to Applications > Applications.

  2. Click Create App Integration.

  3. Select SAML 2.0 as the Sign-in method.

  4. Click Next.

    SAML_integration.PNG

  5. In the General Settings panel, enter the App Name that was provided by Uniphore Support and click Next.

  6. In the Configure SAML panel, copy or enter the Redirect URL from Auth0 that was provided by Uniphore Support into the Single sign-on URL text box.

  7. Copy or enter the Service Provider Entity ID from Auth0 that was provided by Uniphore Support in the Audience URI text box.

  8. In the Attribute Statements section, enter the following:

    Name

    Name format

    Value

    http://schemas.xmlsoap.org/claims/aiAgentId

    Basic

    user.clientId

    http://schemas.xmlsoap.org/claims/stationCode

    Basic

    user.stationCode

  9. In the Group Attribute Statements section, enter the following:

    Name

    Name format

    Value

    http://schemas.xmlsoap.org/claims/Group

    Basic

    Select Matches regex and enter (.*?).

    Click Next.

  10. In the Feedback panel, for the Question 'Are you a customer or partner?', select the option 'I'm an Okta customer adding an internal app'.

  11. Click Finish.

After creating the SAML app integration, the SAML Signing Certificates section will be displayed on the Sign On tab.

Copy the Metadata URL

  1. Click Sign On tab.

  2. Copy the Metadata URL from Metadata details section:

    SAML_metadata_URL.png

    This value must be used on the X-Console SAML Authentication Settings page.

Assign Groups in the SAML Application

Following the creation of the SAML app integration, Uniphore Groups must be assigned in the SAML application.

  1. Click Assignments tab.

  2. Click Assign button and select Assign to Groups option.

  3. Click Assign button in all Uniphore groups and Click Done.

    assign_groups.PNG

After assigning the Uniphore Groups, the Group Attribute Name value must be used on the X-Console SAML Authentication Settings page.

Create Required Custom Attributes

Several custom attributes must be added in the customer's Okta SAML app in order to pass the keys required for Uniphore authentication.

  1. Go to Directory >Profile Editor.

  2. Click Okta in the Filters list.

  3. For Okta User (default), click Profile. If Profile is unavailable, click User (default).

  4. Click Add Attribute.

  5. For each of the following, add a required custom attribute to the Okta app:

    • clientId (Pointer for Uniphore AI Agent ID)

    • stationCode (Optional, pointer for Uniphore Station Code)

  6. Complete the following fields:

    • Data type:String

    • Display name: Enter the custom attribute name (e.g., 'clientId').

    • Variable name: Enter the custom attribute name again.

    • Description: Enter 'Uniphore required attribute'.

    • Attribute Length: Enter according to the attribute:

      • For clientId, select Less than and enter 50.

      • (Optional) For stationCode, select Less than and enter 20.

  7. For Attribute required, select the Yes checkbox.

  8. Click Save. Perform the above steps for each custom attribute.

You can now map the Okta settings in the X-Console SAML Authentication Settings page. They will be required when Uniphore Auth0 authentication is used.

In this section: