This document has been generated with machine translation.
This section describes the steps involved in setting up SSO on the Okta administration page.
For details on how to set up SSO on the LegalOn Cloud side, please refer to "Setting up SSO (Single Sign-On)".
Terms of Use
*Please contact your company's IT administrator to inquire about the subscription status of this option. *If you would like to apply for an option, please contact your sales representative. |
important point
Note that SAML authentication currently supports only SP-Initiated SSO (where the Service Provider initiates SAML authentication) and requires login from the LegalOn Cloud login screen each time. Please note that the authentication process for IdP-Initiated SSO will not complete with an error.
If SSO is enabled with incorrect settings, you will not be able to log in if you close your browser or log out. Please be sure to test if login succeeds by following the procedure described in the following section.
Set up SSO on Okta's administration screen
1. log in to Okta with the administrator account
2. Click [Applications] > [Applications] > [Browse App Catalog]
3. Type "LegalOn Cloud" in the search window and click on the LegalOn Cloud app
4. Click [Add Integration]
5. Copy and paste the Endpoint URL from the LegalOn Cloud SSO settings into the Endpoint URL section of the General settings tab, and click "Done"
important point
LegalOn Cloud supports only SP-initiated SSO (where the Service Provider initiates SAML authentication).
For this reason, we recommend checking the "Do not display application icon to users" and "Do not display application icon in the Okta Mobile app" checkboxes.
6. Click the Assignments tab, then Assign, and assign the user to be the target of SSO
7. Open the [Sign On] tab and click [Edit] under [Settings]
8. Under "Credentials Details," change "Application username format" to "Email" and click "Done
Okta configuration items | logical input value |
Application username format |
9. Click [More details] on the [Sign On] tab
10. Obtain the [Sign on URL] and [Signing Certificate] required for SSO settings on the LegalOn Cloud side, and copy and paste them into the SSO settings on LegalOn Cloud
Value to be obtained from Okta | LegalForce configuration items |
Sign on URL
| Copy and paste into [ID Provider Endpoint URL (HTTP-Redirect)] on the LegalForce SSO Settings screen |
Signing Certificate | Method 1: Click [Download] and paste into [Certificate for public key used by ID provider for signing (X.509 Certificate)] on the LegalOn Cloud SSO Settings page.
Copy and paste all strings including "----BEGINCERTIFICATE----- and -----END CERTIFICATE-----".
Method 2: Click [Copy] and paste the following formatted data into the "Certificate of the public key used by the ID provider for signing (X.509 certificate)" on the LegalOn Cloud SSO settings screen
-----BEGIN CERTIFICATE----- (Data from the copied "Signing Certificate") -----END CERTIFICATE----- |
supplement
The following SAML attributes are supported
Name Name
Value: user.email
This completes the Okta setup.
Once the configuration is complete, configure SSO settings on the LegalOn Cloud side.
Please refer to "Setting up SSO (Single Sign-On)" for how to set up SSO on the LegalOn Cloud side.