
Okta - SAML login on CloudAMQP

  1. Navigate to the admin portal. In the Applications view, click Create App Integration.
  2. In the dialog that opens, select the SAML 2.0 option, then click Next.
  3. In Step 1 General Settings, enter CloudAMQP, as an example, in the App name field, then click the green Next button.
  4. In Step 2A SAML Settings, do the following:
    • In the Single sign on URL field, enter https://customer.cloudamqp.com/login/saml and check the box Use this for Recipient URL and Destination URL.
    • For Audience URI (SP Entity ID), go to https://customer.cloudamqp.com/team/saml and copy your SAML Audience URL/Audience URI/SP Entity ID/SAML Metadata to this field.
    • In the Name ID format field, pick EmailAddress from the drop-down list.
    • Continue, select 'internal app', then click Next and create the app. Once it is created, scroll down to assign attributes, expand the legacy value, and assign 84codes.roles to appuser.roles.
  5. In the Feedback step, select I'm an Okta customer adding an internal app and This is an internal app that we have created, then click Finish.
  6. The IdP Metadata now has to be uploaded to https://customer.cloudamqp.com/team/saml.

    To download the file from Okta, go to the menu option Applications, click your recently created application, and open the Sign On tab. From here you can download the file that you have to upload to CloudAMQP: click Copy, paste the link into your browser, then right-click, choose Save as, and name the file metadata.xml.
  7. In order to assign users with roles and tags, scroll down to Attribute Statements under Sign On. Expand the legacy configuration, and under "Profile attribute statements", assign 84codes.roles to appuser.roles.
  8. Go to the menu option Directory -> Profile Editor and click on the app you just created.
  9. Click the Add Attribute button.
  10. Enter the information as requested, making sure the variable name is roles, as it is used in the previous step (appname.roles). Under Attribute Members, enter the roles you wish to be able to choose from. The Value field contains the team's unique code followed by / and the role name or tag. The exact values to use are listed as examples in your CloudAMQP settings at: https://customer.cloudamqp.com/team/saml
  11. Click Save
  12. To assign the roles to your members, go to the menu option Applications -> Applications, click on your created app in the list, and click the pen symbol next to a team member. From the drop-down, you should now be able to choose a role for this user.
  13. Click Save
  14. If you prefer to use group assignments, select "group" and "combine groups" in the attribute.
  15. Then you can assign a role per group, and have a user be a member of more than one group to get both role and tag assigned. Note that you can only pass the attribute to either user or group, not both.
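
To confirm that the settings from steps 4, 7 and 10 actually reach CloudAMQP, you can inspect a decoded SAML response from a test login. The following is an added example, not code from CloudAMQP or Okta; the sample response is constructed and unsigned, and the team code, role, tag and audience values in it are placeholders.

```python
import re
import xml.etree.ElementTree as ET

NS = {"p": "urn:oasis:names:tc:SAML:2.0:protocol",
      "a": "urn:oasis:names:tc:SAML:2.0:assertion"}
ACS_URL = "https://customer.cloudamqp.com/login/saml"   # step 4: Single sign on URL
EMAIL_FORMAT = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
ROLE_ATTR = "84codes.roles"                              # step 7
# Step 10: <team code>/<role or tag>. Assumption: the team code has no "/" or spaces.
ROLE_VALUE = re.compile(r"^[^/\s]+/\S.*$")

# Constructed, unsigned sample; all identifying values are placeholders.
SAMPLE = """<p:Response xmlns:p="urn:oasis:names:tc:SAML:2.0:protocol"
  xmlns:a="urn:oasis:names:tc:SAML:2.0:assertion"
  Destination="https://customer.cloudamqp.com/login/saml">
 <a:Assertion>
  <a:Subject>
   <a:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">user@example.com</a:NameID>
   <a:SubjectConfirmation><a:SubjectConfirmationData
      Recipient="https://customer.cloudamqp.com/login/saml"/></a:SubjectConfirmation>
  </a:Subject>
  <a:Conditions><a:AudienceRestriction><a:Audience>AUDIENCE-PLACEHOLDER</a:Audience>
  </a:AudienceRestriction></a:Conditions>
  <a:AttributeStatement><a:Attribute Name="84codes.roles">
   <a:AttributeValue>TEAMCODE/example-role</a:AttributeValue>
   <a:AttributeValue>TEAMCODE/example-tag</a:AttributeValue>
  </a:Attribute></a:AttributeStatement>
 </a:Assertion>
</p:Response>"""

def check_response(xml_text, audience):
    """Return a list of configuration problems; an empty list means all checks passed."""
    root = ET.fromstring(xml_text)
    problems = []
    if root.get("Destination") != ACS_URL:
        problems.append("Destination is not the CloudAMQP SSO URL")
    data = root.find(".//a:SubjectConfirmationData", NS)
    if data is None or data.get("Recipient") != ACS_URL:
        problems.append("Recipient is not the CloudAMQP SSO URL")
    name_id = root.find(".//a:NameID", NS)
    if name_id is None or name_id.get("Format") != EMAIL_FORMAT:
        problems.append("NameID format is not EmailAddress")
    if audience not in [e.text for e in root.findall(".//a:Audience", NS)]:
        problems.append("Audience does not match the SP Entity ID")
    values = [v.text or "" for v in
              root.findall(f".//a:Attribute[@Name='{ROLE_ATTR}']/a:AttributeValue", NS)]
    if not values:
        problems.append(f"{ROLE_ATTR} attribute missing or empty")
    problems += [f"bad role value: {v!r}" for v in values if not ROLE_VALUE.match(v.strip())]
    return problems
```

Pass the Audience URI you copied from https://customer.cloudamqp.com/team/saml as the `audience` argument. The check covers configuration only and does not verify the response signature.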