SSO (SAML 2.0) Integration with Okta

1. Under Settings:  Security and Integrations, enable SSO by enabling SAML2 Single Sign-on.  Click on the Generate button, which will generate a Saml2 Single Sign On URL.

2. Copy the Saml2 Single Sign On URL you just generated in ContractSafe, and use to populate the Okta Saml settings fields ‘Single Sign On URL’ and 'Audience URI (SP Entity ID)'.
Set the Name ID format to EmailAddress, and check the box "Use this for Recipient and Destination URL."  (underneath the Single sign on URL entry).

3. Create an Unspecified attribute named emailaddress set to the user.email value and click next.

4. On the Sign On tab, right click and download linked file as metadata.xml

Note:  If this file is not saved as a .xml file it will not upload in the next step.

5. Back in ContractSafe, upload the Saml metadata file that you saved (metadata.xml) using the button at the bottom of the SAML section in settings:

6. Enter email address in the ContractSafe Email Identifier field:

7. In the Okta Assignments tab, assign users:

8. Test!
9.  If you are experiencing any issues please contact us at support@contractsafe.com or just use the in-product help (that speech bubble in the bottom right corner).