The following steps describe how to configure SAML SSO in Okta.

Configure SSO in Okta

Complete the following steps in Okta to configure single sign-on for iManage users:

1. Create a new SAML application by browsing to Admin > Add Applications > Create App Integration.
   
   NOTE: If switching from OpenID Connect (OIDC) SSO to SAML SSO in iManage Control Center, we recommend that you create a new application in Okta. Creating a new application allows you to preserve your existing SSO application and roll back to it if necessary.
   

   Figure: Create a new app integration dialog box

   

2. Select SAML 2.0.

3. Select Next. The Create SAML Integration page opens.

   Figure: Create SAML Integration > General Settings page

   

4. In App name enter a name, such as iManage.

5. Select Next to proceed to the Configure SAML page.

   Figure: Create SAML Integration > Configure SAML page

   

6. Copy URL information from iManage Control Center and paste it into your IdP configuration.

   1. In iManage Control Center, browse to Network & Security > Single Sign-On (SSO), then select Copy in SAML consumer URL.

      Figure: SAML consumer URL in iManage Control Center

      

   2. In Okta, paste the URL in Single sign on URL and Audience URI (SP Entity ID).

7. Select Next.

8. On the Feedback page, select I'm an Okta customer adding an internal app.

9. Select Finish. The Application > Sign On page is displayed.

   Figure: Application > Sign on page in Okta

   

10. Select Edit.

11. In Application username format, select Custom.

12. In the next field, enter the expression to map usernames in Okta to the User ID format in iManage. To learn more about the options available, select Expression Language Reference.
    Common examples include the following:

    • John.Doe = user.firstName + "." + user.lastName

    • JDoe = substring(user.firstName, 0, 1) + user.lastName

    Figure: Configure the Application username format in Okta

    

13. Select Save.

14. To update the application with your new Credential Details configuration, select Update Now. When prompted, select Update to confirm the update.

    Figure: Update credential details

    

15. To configure which users in Okta are allowed to authenticate to iManage, select Assignments.

    Figure: Configure the Assignments for this Application

    

16. Select Assign > Assign to People or Assign > Assign to Groups to assign this application to users or groups, respectively.

17. Search for the users and/or groups and then select Assign.

18. Select Save and Go Back.

19. When you have completed assigning users and groups, select Done.

20. To download the Federation metadata XML file, select Identity Provider metadata.

    Figure: Download Identity Provider metadata

    

    
    The XML file opens in a new tab in your browser.

21. To save the displayed XML as a file, right-click in your browser, and select Save As.

22. Enter a file name and select Save.

23. Import the Federation Metadata XML file into iManage Control Center by returning to iManage Control Center and completing the steps in Enable SAML SSO.