Okta Single Sign-on Setup with Workzone via SAML
1. Log into Okta and add an application by navigating to the Applications section and clicking the green Create New App button.
2. On the Sign on method dialog that pops up, select SAML 2.0 and click Create.
3. On the next page, enter an App name (we recommend Workzone) and click Create.
4. On the next page, enter the following into the first two fields, replacing “yourcompany” with the name you use to access Workzone:
Single sign on URL: https://yourcompany.sharedwork.com/sso
Audience URI (SP Entity ID): https://yourcompany.sharedwork.com/trust
And in the ATTRIBUTE STATEMENTS (OPTIONAL) section (this is labeled as “optional” in the Okta settings, but this step is required with Workzone), paste
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
into the Name field, and select user.email from the Value list. Then scroll down and click Create.
5. Click on the Workzone (or the name that was used in step 3) application in your list of applications.
6. Click on the Sign On tab. Click on the Identity Provider metadata link to download the Okta metadata to your desktop, and upload that file to the Single Sign-on page under the Setup tab in Workzone.
7. Click on the People tab and assign your users to Workzone.
8. Log into Workzone and add all your users. Their email addresses in Workzone must match their email addresses in Okta.
9. Log into Workzone as an administrator and activate SSO on the Single Sign-on settings page. You’re all done!