Wiki source code of Okta SAML Integration Example
Version 1.4 by Mark Kohlmann on 2025/05/09 23:59
| author | version | line-number | content |
|---|---|---|---|
| 1 | Okta may be used to authenticate users for ShowRunner using SAML. The following instructions will assist with configuring Okta and ShowRunner to work together to authenticate users. | ||
| 2 | |||
| 3 | Integration Steps as of May 9th, 2025 | ||
| 4 | |||
| 5 | 1. Create App Integrations | ||
| 6 | Select 'SAML 2.0' | ||
| 7 | [[image:https://files.chiefintegrations.com/s/FxzGxgnwwX5Eyik/preview||height="376" width="642"]] | ||
| 8 | 1. General Settings | ||
| 9 | App name: Can be whatever is meaningful | ||
| 10 | [[image:https://files.chiefintegrations.com/s/Je7NXGpm5YdPeH2/preview||height="364" width="650"]] | ||
| 11 | 1. Configure SAML: | ||
| 12 | 11. A - SAML Settings | ||
| 13 | 111. General | ||
| 14 | Single sign-on URL: https:~/~///your-crestron-processor-ip///cws/showrunner-saml/acs | ||
| 15 | Audience URI (SP Entity ID): showrunner-saml-//processorhostname// or what is specified in settings | ||
| 16 | Default RelayState: (empty) | ||
| 17 | Name ID format: Unspecified or EmailAddress | ||
| 18 | Application username: Okta username | ||
| 19 | Update application username on: Create and update | ||
| 20 | 1111. Attribute Statements (optional)((( | ||
| 21 | (% style="width:1000px" %) | ||
| 22 | |=Required|=Name|=Name format|=Value | ||
| 23 | |Y|http:~/~/schemas.microsoft.com/identity/claims/objectidentifier|URI Reference|user.Id | ||
| 24 | |Y|http:~/~/schemas.microsoft.com/ws/2008/06/identity/claims/role|URI Reference|appuser.userRole | ||
| 25 | |Y|http:~/~/schemas.xmlsoap.org/ws/2005/05/identity/claims/name|URI Reference|user.login | ||
| 26 | |Y|http:~/~/schemas.microsoft.com/identity/claims/displayname|URI Reference|user.displayName | ||
| 27 | |N|pin|Basic|appuser.pin | ||
| 28 | |N|touchscreenAccessLevel|Basic|appuser.touchscreenAccessLevel | ||
| 29 | |N|userLoginMethod|Basic|Arrays.toCsvString(appuser.userLoginMethod) | ||
| 30 | |N|userLoginPermitted|Basic|Arrays.toCsvString(appuser.userLoginPermitted) | ||
| 31 | |||
| 32 | [[image:https://files.chiefintegrations.com/s/kb8CjEcDNZfaK2G/preview||height="737" width="534"]] | ||
| 33 | ))) | ||
| 34 | 1. ((( | ||
| 35 | Feedback - Complete per corporate policy | ||
| 36 | ))) | ||
| 37 | 1. ((( | ||
| 38 | Profile Editor | ||
| 39 | [[image:https://files.chiefintegrations.com/s/M86XX94fnYsWi6m/preview||height="483" width="650"]] | ||
| 40 | |||
| 41 | 1. ((( | ||
| 42 | User Role - Group Name values must match group names in ShowRunner | ||
| 43 | [[image:https://files.chiefintegrations.com/s/HiixXjKJZEGQeP9/preview||height="662" width="648"]] | ||
| 44 | [[image:https://files.chiefintegrations.com/s/nbexLNGCLWjDQFs/preview||height="429" width="653"]] | ||
| 45 | ))) | ||
| 46 | 1. ((( | ||
| 47 | |||
| 48 | [[image:https://files.chiefintegrations.com/s/Db9Xwz6Yobiw5pQ/preview||height="448" width="651"]] | ||
| 49 | ))) | ||
| 50 | ))) |