Hello.
How can we help you?

search icon

Configuring Okta for SAML

Published
July 15, 2024

Configuration

Follow these steps to configure Okta as your Checkbox Identity Provider (IdP) for SAML:

  1. Log into Okta as an Administrator
  2. Click on "Create App Integration"
  3. Select "SAML 2.0" as the Sign-in Method
  4. Input Application Name
  5. Input single sign-on URL (see below for instructions)
  6. Input Audience URI: any string should be matched with the Issuer on the Admin site.
  7. Select the correct application username: By default, Checkbox uses emails as identifiers. If your Okta does the same, please select “Okta username”. If not, choose “Email”.
  8. Complete the configuration
  9. Add Users and Groups to the newly created Application (see below)

Constructing the Single Sign-On URL

Checkbox Online

The URL should take the format:

https://{api-host}/v1/{account-name}/saml/assertion-consumer-service

Within the Checkbox REST API Docs you will find an overview for how to construct these URLs, summarized below:

Checkbox On-Premises

The URL should take the following format:

https://{api-host}/v1/saml/assertion-consumer-service

Where {api-host} is the hostname used for your On-Premises installation of Checkbox.

Example Configuration Screenshots

Configuring Okta for SAML: Step 1
Configuring Okta for SAML: Step 2
Configuring Okta for SAML: Step 3

Add People and Groups to Your Application

In order for the authentication to work for individual users, they will need to be assigned to the SAML Application we have configured above.

Add People or Groups to the Created Application

Properties of Okta Configuration for Checkbox

Metadata URL
Properties of Okta Configuration for Checkbox
Issuer
Properties of Okta Configuration for Checkbox
Signature Algorithm
Properties of Okta Configuration for Checkbox

Get a comprehensive overview in our live demo

Checkbox develops affordable, feature-rich survey software for organizations, teams, and individuals