How to Set Up Okta SSO for Jotform Enterprise

Okta’s single sign-on solution can quickly connect to third-party services including Jotform. To get started you must enable Single Sign-On on your Jotform Enterprise server. You also need an Okta account with admin permissions.

The Jotform Enterprise SAML integration currently supports the following features:

• SP-initiated SSO
• IdP-initiated SSO
• Just in Time (JIT) provisioning

Configuring Okta

To create an Okta SAML application

1. Log in to your Okta admin account and go to the Admin page.

2. Go to Applications on the left, then select Create Add Integration.

3. In the dialog, select SAML 2.0.

4. Next, enter your desired App name.

5. Next, enter your Service Provider Metadata links in the following fields:

• Single sign on URL — Use your Jotform Assertion Consumer Service URL
  (e.g., https://example.jotform.com/sso/?acs).
• Audience URI (SP Entity ID) — Use your Jotform Entity ID
  (e.g., https://example.jotform.com/sso/metadata.php).

6. Select Next at the bottom, then complete the feedback form.
7. On your app’s Sign On overview page, select View SAML setup instructions on the right.

8. Take note of your SAML app’s details.

9. Go to your directory and assign your app to people or groups.

10. Go to your Jotform SSO settings page and enter the details in the Identity Provider Metadata fields.

The value to use for each field is as follows:

• Entity ID — Use your Okta Identity Provider Issuer.
• SSO URL — Use your Okta Identity Provider Single Sign-On URL.
• Certificate — Use your Okta X.509 Certificate.

10. When finished, save and test your configuration in Jotform.

Notes

The following SAML attributes and more are supported:

You can add more claims and manage them from the Jotform Enterprise admin dashboard.

SP-initiated SSO

SP-initiated flows trigger when the user hits an authentication-required route.