Skip to main content

How to set up SSO (single sign-on) in Okta

LegalOnサポートチーム avatar
Written by LegalOnサポートチーム
Updated over a week ago

This document has been generated with machine translation.


Check the modules you are using and your user type

This section describes the procedure for setting up SSO on the Okta management screen.

*For instructions on how to configure SSO settings on LegalOn, refer to "Set up SSO (Single Sign-On)".

Terms of Use

  • Users of tenants who have contracted the SSO (single sign-on) option

  • Permissions that can be set: IT Administrator

  • Subscribed to Okta

  • The email address registered with Okta matches the email address registered with LegalOn.

*Please contact your IT administrator for information on your option contract status.

*If you would like to apply for this option, please contact your sales representative.

Important notes

  • SAML authentication currently only supports SP-Initiated SSO (a method in which the service provider initiates SAML authentication), and you will need to log in from the LegalOn login screen each time. Please note that the authentication process will result in an error and will not be completed with IdP-Initiated SSO.

  • If you enable SSO with incorrect settings, you will not be able to log in if you close your browser or log out. After enabling SSO, please make sure to test that you can log in by following the steps in "Test logging in with SSO " while keeping the SSO settings screen open in another browser or in incognito mode in the same browser.

Set up SSO on the Okta management screen

1. Log in to Okta with your Administrator account.

2. Click [Applications] → [Applications] → [Browse App Catalog]

3. Enter "LegalOn" in the search window and click the LegalOn app.

4. Click [Add Integration]

5. Copy and paste the Endpoint URL from the LegalOn SSO settings to the Endpoint URL field in the General settings tab, then click Done.

Important

LegalOn only supports SP-initiated SSO (a method in which the service provider initiates SAML authentication).

Therefore, we recommend checking the boxes for "Do not display application icon to users" and "Do not display application icon in the Okta Mobile app."

6. Click the Assignments tab, then Assign, and assign the users to whom you want to apply SSO.

7. Open the Sign On tab and click Edit in the Settings section.

8. Change Application username format to Email in Credentials Details and click Done.

Okta settings

Input value

Application username format

Email

9. Click [More details] in the [Sign On] tab

10. Obtain the Sign on URL and Signing Certificate required for the SSO settings on the LegalOn side, and copy and paste them into the SSO settings items on LegalOn.

Values to obtain from Okta

LegalOn settings

Sign on URL

Copy and paste into the Identity provider endpoint URL (HTTP redirect) field in the LegalOn SSO settings screen.

Signing Certificate

Method 1: Click [Download] and paste into [SAML signing certificate (X.509 public key certificate issued by the identity provider)] on the LegalOn SSO settings screen.

* Copy and paste all characters including "----BEGINCERTIFICATE----- 
and -----END CERTIFIC-----" 
to 
.

Method 2: Click "Copy" and paste the data formatted as follows into the "SAML signing certificate (X.509 public key certificate issued by the identity provider)" field of the LegalOn SSO settings screen.

-----BEGIN CERTIFICATE----- 
(data copied from "Signing Certificate" 
) 
-----END CERTIFICATE-----

Additional

The following SAML attributes are supported.

  • Name: email

  • Value: user.email

This completes the Okta settings.

Once the settings are complete, configure the SSO settings on the LegalOn side.

For instructions on how to configure SSO settings on the LegalOn side, refer to "Set up SSO (single sign-on)".

Did this answer your question?