SAML 2.0 with Okta
Configuring Voilà for Okta
Create a new Application
Type: SAML 2.0
App Name: Voila
Configure SAML Settings
Audience (Entity ID): https://api.voila.live/sso/saml
Single Sign On URL: https://api.voila.live/sso/saml/init
Recipient URL: https://api.voila.live/sso/saml/consume
Response: Signed
Assertion Signature: Signed
Signature Algorithm: RSA_SHA256
Relay state: None
Logout URL: Disabled
Signature Certificate: Upload this pem file below
Attributes and claims
- Remove any previous claim.
- Add the following claims:
  - family_name = user.givenname
  - given_name = user.surname
  - email = user.email
  - sub = user.email (or any field whose value is unique, e.g. employeeId)
  - sharePersonalData = true (constant, see the GDPR paragraph below)
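To confirm that the Okta application matches the settings above, a decoded SAMLResponse captured from a test login can be linted. The script below is an added example, not part of Voilà or Okta: the names lint_response and sample and the sample XML are constructed for illustration. It checks configuration only and does not verify the signature cryptographically.

```python
import xml.etree.ElementTree as ET  # parse untrusted input with defusedxml instead

NS = {"p": "urn:oasis:names:tc:SAML:2.0:protocol",
      "a": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
AUDIENCE = "https://api.voila.live/sso/saml"
RECIPIENT = "https://api.voila.live/sso/saml/consume"
CLAIMS = {"family_name", "given_name", "email", "sub", "sharePersonalData"}

def lint_response(xml_text):
    """List mismatches between a decoded SAMLResponse and the settings on this page."""
    root = ET.fromstring(xml_text)
    assertion = root.find("a:Assertion", NS)
    if assertion is None:
        return ["no plaintext Assertion in Response"]
    problems = []
    for name, elem in (("Response", root), ("Assertion", assertion)):
        # Only the element's own direct-child Signature counts, not a nested one.
        method = elem.find("ds:Signature/ds:SignedInfo/ds:SignatureMethod", NS)
        if method is None:
            problems.append(f"{name} is not signed")
        elif method.get("Algorithm") != RSA_SHA256:
            problems.append(f"{name} signature is not RSA_SHA256")
    if AUDIENCE not in {e.text for e in assertion.iterfind(".//a:Audience", NS)}:
        problems.append("Audience mismatch")
    data = assertion.iterfind(".//a:SubjectConfirmationData", NS)
    if RECIPIENT not in {e.get("Recipient") for e in data}:
        problems.append("Recipient mismatch")
    claims = {e.get("Name"): [v.text for v in e.iterfind("a:AttributeValue", NS)]
              for e in assertion.iterfind(".//a:Attribute", NS)}
    problems += [f"missing claim {n}" for n in sorted(CLAIMS - claims.keys())]
    problems += [f"unexpected claim {n}" for n in sorted(claims.keys() - CLAIMS)]
    if claims.get("sharePersonalData") not in (None, ["true"]):
        problems.append("sharePersonalData is not the constant true")
    return problems

def sample(alg=RSA_SHA256, extra=()):
    """Constructed sample Response; signature values are omitted (lint input only)."""
    sig = (f'<ds:Signature xmlns:ds="{NS["ds"]}"><ds:SignedInfo>'
           f'<ds:SignatureMethod Algorithm="{alg}"/></ds:SignedInfo></ds:Signature>')
    attrs = "".join(f'<a:Attribute Name="{n}"><a:AttributeValue>true'
                    f'</a:AttributeValue></a:Attribute>' for n in sorted(CLAIMS) + list(extra))
    return (f'<p:Response xmlns:p="{NS["p"]}" xmlns:a="{NS["a"]}">{sig}<a:Assertion>{sig}'
            f'<a:Subject><a:SubjectConfirmation><a:SubjectConfirmationData Recipient="{RECIPIENT}"/>'
            f'</a:SubjectConfirmation></a:Subject><a:Conditions><a:AudienceRestriction>'
            f'<a:Audience>{AUDIENCE}</a:Audience></a:AudienceRestriction></a:Conditions>'
            f'<a:AttributeStatement>{attrs}</a:AttributeStatement></a:Assertion></p:Response>')

if __name__ == "__main__":
    print(lint_response(sample()), lint_response(sample(extra=["role"])))
```

An empty list means the response matches; a leftover claim such as the constructed "role" is reported as unexpected, which corresponds to the "Remove any previous claim" step.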
Application Profile
- Go to Directory > Profile Editor
- Edit the Voilà application
- Create attributes and map them to Okta attributes such as
What about the GDPR?
Using the SSO feature affects your GDPR compliance: your organization must collect each user's consent itself, and must do so before your event.
Activating SSO prevents the player from displaying any kind of form at signup.