All Collections
Administrator Guide
Applications and Automation
How to Configure SAML 2.0 for Blink with Okta
How to Configure SAML 2.0 for Blink with Okta

Set up SAML 2.0 with Okta in order to make SP-initiated SSO available

M
Written by Margaret Greer
Updated over a week ago

Within this article, you will learn how to configure SAML 2.0 for Blink with Okta. With this, application SP-initiated SSO will be enabled.

This process requires the following configuration steps:

Enable SAML in the Blink Admin panel

  1. The first step in configuring SAML with Blink is to open the admin panel. This can be accessed via the in-app menu.

  2. Once in the admin panel find the Authentication menu item. Only Organisation Admins can manage these settings.

  3. Once on the Authentication page select the SAML option.

  4. You will now be presented with a series of URLs which you will require when configuring your identity provider. If your IDP supports importing a metadata xml file for configuration (e.g. Azure AD) then download this now.

Configure Okta as the Identity Provider

Blink supports any SAML IDP, however this guide is specifically for Okta. For more assistance with SAML that isn't in Okta, check out this article.


You will need to use the Okta Classic UI.

  1. Add the Blink application to your Okta account.

  2. From the Dashboard Click the shortcut link to "Add Applications" and search for Blink. Click the "Add" button.

    Screen_Shot_2020-05-26_at_11.13.46_am.png
  3. Complete the General Settings. It is recommended at this time to disable the application visibility to users.

    Screen_Shot_2020-05-26_at_11.15.58_am.png
  4. Setup the Organisation ID (Company UUID) for your Blink organisation.

    1. Click the "Sign-On" tab in the Okta menu and click Edit.

      Screen_Shot_2020-05-26_at_11.21.43_am.png
    2. The Company UUID can be retrieved in Blink from Authentication page in the Admin portal. It is the last part of the Entity Id URL starting with 0-:

      1. For example: https://api.joinblink.com/saml/o-621ae3be-5bc0-xxxx-xxxx-06d2cd2a17de would mean the Company UUID is o-621ae3be-5bc0-xxxx-xxxx-06d2cd2a17de.

  5. Use the certificate you downloaded from Blink earlier (This is available in the Admin Portal in Authentication) and upload this certificate file to Okta. Be sure to save your changes

  6. Download the Identity Provider metadata from Okta. This is available in Okta using the Class UI. Select Blink in the Applications then Sign On. Save the file as 'okta.xml' to later be uploaded to Blink.

Add IDP Metadata to Blink

The next step is to add the IDP metadata into Blink. The simplest method for setting these details is to read the metadata provided by the IDP. Simply click "Read metadata file" and select the file - this is the metadata file you downloaded earlier.

If you do not have a metadata file from the IDP, click "Or enter details manually" and you will be presented with 4 fields. You will need to complete these fields with details provided by your IDP.

Your SAML SSO is now configured with Blink and Okta. The last step is to assign the Blink app to users in Okta.

Configure the Blink app in Okta for Users

Assign the Blink app to your users or groups

  1. Click on the Assignments menu item under the Blink app in Okta.

  2. Click the Assign button to add a Group or User.

  3. You will need to do this for all users that you wish to enable SSO with Blink.

Supported Features

The Okta/Blink SAML integration currently supports the following features:

  • SP-initiated SSO

For more information on the listed features, visit the Okta Glossary.

SP-initiated SSO

  1. Enter your Email address.

  2. Click Continue.

💡 Helpful Hints

  • Since only SP-initiated flow is supported, we recommend hiding the application icon for users.

  • The following SAML attributes are supported:

    • Name Value

    • user.name_id user.email

Did this answer your question?