Hello.
How can we help you?

search icon
Categories
Close icon
Getting Started
Survey Creation
Survey Appearance & Style
Survey Sending & Sharing
Survey Results
Survey Logic, Merging & Actions
Other Survey Features
Users and Contacts
Survey & Report Permissions
Data Security & Compliance
Survey Settings
Tips, Tricks & FAQs
Advanced Use Cases
Question Types

Configuring Okta for SAML

Published
4.12.2024

Configuration

Follow these steps to configure Okta as your Checkbox Identity Provider (IdP) for SAML:

  1. Log into Okta as an Administrator
  2. Click on "Create App Integration"
  3. Select "SAML 2.0" as the Sign-in Method
  4. Input Application Name
  5. Input single sign-on URL (see below for instructions)
  6. Input Audience URI: any string should be matched with the Issuer on the Admin site.
  7. Select the correct application username: By default, Checkbox uses emails as identifiers. If your Okta does the same, please select “Okta username”. If not, choose “Email”.
  8. Complete the configuration
  9. Add Users and Groups to the newly created Application (see below)

Constructing the Single Sign-On URL

Checkbox Online

The URL should take the format:

https://{api-host}/v1/{account-name}/saml/assertion-consumer-service

Within the Checkbox REST API Docs you will find an overview for how to construct these URLs, summarized below:

Checkbox On-Premises

The URL should take the following format:

https://{api-host}/v1/saml/assertion-consumer-service

Where {api-host} is the hostname used for your On-Premises installation of Checkbox.

Example Configuration Screenshots

Configuration Step #3
Configuration Step #4
Example Settings

Add People and Groups to Your Application

In order for the authentication to work for individual users, they will need to be assigned to the SAML Application we have configured above.

Add People or Groups to the Created Application

Properties of Okta Configuration for Checkbox

Metadata URL
Issuer
Signature Algorithm