To use SAML-based SSO, you must have Workspaces enabled. Workspaces are available only on Voicea's Teams plan. 

Single sign-on (SSO) lets users sign in to all their enterprise cloud applications using their Okta account credentials. To set up SAML-based SSO, you must create a SAML application within Okta.

------------------------------------------------------------------------------------

Voicea SAML configuration settings to add to Okta:

The first step in configuring an application to support SAML based Single Sign-On from Okta is to set up an application in Okta.

In SAML terminology, what you will be doing here is configuring Okta (your SAML Identity Provider or “SAML IdP”), with the details of your application (the new SAML Service Provider or “SAML SP”).

Here is how to set up a SAML application in Okta:

  1. Log in to your Okta organization as a user with administrative privileges.
  2. Click on the blue “Admin” button

3.  Click on the “Add Applications” shortcut

4. Click on the green “Create New App” button

5. In the dialog that opens, select the “SAML 2.0” option, then click the green “Create” button

6. In Step 1 “General Settings”, enter “Voicea” in the “App name” field, upload the Voicea logo (available here) then click the green “Next” button.

7. In Step 2 “Configure SAML,” section A “SAML Settings”, paste the URLs below into the corresponding fields.

Single sign on URL: The location where the SAML assertion is sent with a HTTP POST. This is often referred to as the SAML Assertion Consumer Service (ACS) URL for your application. Use this for Recipient URL and Destination URL = TRUE.

https://app.voicea.com/users/saml/auth

Audience URI (SP Entity ID): The application-defined unique identifier that is the intended audience of the SAML assertion. This is most often the SP Entity ID of your application.

https://app.voicea.com/users/saml/metadata

Default RelayState: Identifies a specific application resource in an IDP initiated Single Sign-On scenario.

https://app.voicea.com/users/saml/auth

Additionally, set the following fields:
Name ID format = EmailAddress
Application username = Email
Update application username on = Create and update

8. In the “Attribute Statements” section, add four attribute statements:

  1. “first_name” set to “user.firstName”
  2. “last_name” set to “user.lastName”
  3. “email” set to “user.email”
  4. "name" set to user.fullname
email
first_name
last_name
name


Click Next to continue.

9. In Step 3 “Feedback”, select “I’m an Okta customer adding an internal app”, and “This is an internal app that we have created,” then click Finish.

10. The “Sign On” section of your newly created “Voicea” application appears. Keep this page open it a separate tab or browser window. You will return to this page later in this guide and copy the “Identity Provider metadata” link. (To copy that link, right-click on the “Identity Provider metadata” link and select “Copy”)

11. Right-click on the “Assignments” section of the “Example SAML Application” application and select “Open Link In New Tab” (so that you can come back to the “Sign On” section later).

In the new tab that opens, click on the “Assign” button and select “Assign to People”

------------------------------------------------------------------------------------

Okta SAML configuration settings to add to Voicea:

1.) Log in to Voicea and go to your Workspace Settings.
2) Click EDIT SSO 

Fill in the Voicea SAML form with the following information:

Identity Provider Entity ID is the Identity Provider Issuer. For example, using Okta this would look like:

http://www.okta.com/xyz

 Identity Provider SSO Target URL is the Identity Provider Single Sign-On URL. For example, using Okta this would look like:

https://organization.okta.com/app/appname/abc/sso/saml

Identity Provider Cert Fingerprint:
Please copy and paste your cert into this form. Include the full cert, making sure there are no spaces at the front or end of the cert you copy into the Voicea platform.

-----BEGIN CERTIFICATE-----
cert contents here
-----END CERTIFICATE-----


Identity Provider Cert

Generate a formatted fingerprint using a SHA1 hash, and copy the formatted fingerprint into the Voicea platform. You can learn more about how to generate a SHA1 formatted fingerprint at SAMLTool.com. If you have OpenSSL installed, you can create the formatted fingerprint with:

openssl x509 -noout -fingerprint -sha1 -inform pem -in [certificate-file.crt]

The formatted fingerprint will look like this:

C1:9F:07:A4:DB:1B:51:3D:12:9Q:32:3C:21:48:37:A9:22:6F:8B:32

Did this answer your question?