Skip to main content

How to Set Up Single Sign-On (SSO) in Okta

Here are the steps for configuring SSO settings in the Okta admin console.

Written by LegalOnサポートチーム

This document has been generated with machine translation.


*For instructions on how to set up SSO on the LegalOn side, please refer to "Set up SSO (Single Sign-On)."

Terms of Use

LegalOn Terms

  • You have subscribed to the SSO (Single Sign-On) option

  • Permissions required for configuration: IT Administrator

Okta Requirements

  • You have an Okta subscription

  • The email address registered in Okta must match the email address registered in LegalOn

*If you wish to subscribe to one of the Options, please contact your sales representative.

Important Notes

  • Currently, SAML authentication only supports SP-Initiated SSO (a method where the Service Provider begins SAML authentication), so you must log in from the LegalOn login screen each time. Please note that an error will occur during the authentication process, and authentication will not be completed.

  • If you enable SSO while the settings are incorrect, you will be unable to log in if you close your browser or Logout. After enabling SSO, please ensure you test whether you can log in successfully by following the " Test SSO Login " procedure in a different browser or in incognito mode of the same browser, while keeping the SSO settings screen open.

Configuring SSO settings in the Okta Admin Console

1. Log in to Okta using an Administrator account

2. Click [Applications] → [Applications] → [Browse App Catalog]

3. Enter "LegalOn" in the search bar and click the [LegalOn (Japan)] app

4. Click [+ Add Integration]

5. On the [General Settings] tab, copy and paste the [Endpoint URL] from LegalOn’s SSO settings into the [Endpoint URL] field, then click [Done]

Important Notes

LegalOn supports only SP-initiated SSO (a method where the Service Provider begins SAML authentication).

Therefore, we recommend checking the boxes for [Do not display the application icon to Users] and [Do not display the application icon in the Okta mobile app].

6. Click the [Assignments] tab, then [Assignments], and assign the users for whom SSO is enabled

7. Open the [Sign-on] tab and click [Save] under the [Settings] section

8. Under [Credential Details], change [Application User name Format] to [Email address] and click [Save]

Okta Configuration Settings

Input Value

Application User Name Format

Email address

9. Click [Details] on the [Sign-On] tab

10. Obtain the [Sign-on URL] and [Signing Certificate] required for the LegalOn SSO settings, and copy and paste them into the LegalOn SSO settings

Values to obtain from Okta

LegalOn configuration fields

Sign-on URL

Copy and paste into the [Identity provider endpoint URL (HTTP redirect)] field on the LegalOn SSO settings screen

Signing Certificate

Method 1: Click [Download], then paste it into the [SAML signing certificate (X.509 public key certificate issued by the identity provider)] field on the LegalOn SSO settings screen

* Please copy and paste All the strings, including "----BEGINCERTIFICATE----- 
and -----END CERTIFICATE-----" 
, to 
.

Method 2: Click [Copy], then paste the formatted data into the "SAML signing certificate (X.509 public key certificate issued by the identity provider)" field on the LegalOn SSO settings screen

-----BEGIN CERTIFICATE----- 
(Data from the Copy of the "Signing Certificate" 
) 
-----END CERTIFICATE-----

Note

The following SAML attributes are supported.

  • Name: email

  • Value: user.email

This completes the Okta configuration.

Once the configuration is complete, please configure SSO settings on the LegalOn side.

For instructions on how to set up SSO on the LegalOn side, please refer to "Set up SSO (Single Sign-On)."

Did this answer your question?