How to Configure SAML 2.0 for Digital Pigeon for admins
Contents
- Introduction
- Prerequisites
- Supported Features
- Configuration Steps
- Notes
- Troubleshooting
Introduction
This configuration guide follows the Okta Integration Network suggested template for SAML setup instructions. However, if you prefer a more detailed step-by-step guide that includes pictures, please click here for our own guide.
Prerequisites
To configure Okta SSO Integration with Digital Pigeon you will need:
- A Digital Pigeon account on the Business plan, or higher
- Access to your Digital Pigeon account as an Owner
- Access to your Okta account as an Administrator
Supported Features
The Okta/Digital Pigeon SAML integration currently supports the following features:
- SP-initiated SSO
- IdP-initiated SSO
- JIT (Just-In-Time) Provisioning
For more information on the listed features, visit the Okta Glossary.
Configuration Steps
- Sign in to Digital Pigeon as an Account Owner, using the SAML bypass link (https://digitalpigeon.com/login?samlBypass=true). Navigate to Manage > SSO, then copy the SP ACS URL value.
- In another browser tab, sign in to Okta, and add the Digital Pigeon app from the OIN.
- Edit the SAML Integration and, under the General section, paste the SP ACS URL from the previous step into the Okta Single sign-on URL field.
- Switch back to Digital Pigeon. Navigate to Manage > SSO, then copy the SP Entity ID value.
- In Okta, edit the SAML Integration and, under the General section, paste the SP Entity ID from the previous step into the Okta Audience URI (SP Entity ID) field.
- Now staying in Okta, select the Sign On tab for the Digital Pigeon SAML app, go to Sign on methods > SAML 2.0 > Metadata details, and then locate and copy your Metadata URL.
- Switch back to Digital Pigeon. Navigate to Manage > SSO, scroll down to SAML Identity Provider Settings, and paste the Okta Metadata URL into the IDP Metadata URL field.
- Click Save to activate SSO.
Notes
- Once activated, to disable or change SSO settings in Digital Pigeon, you must log in with the SAML bypass link: https://digitalpigeon.com/login?samlBypass=true
- The following SAML attributes are supported:

| Name | Value |
| --- | --- |
| User.firstName | user.firstName |
| User.lastName | user.firstName |
| User.email | user.email |
| role | one of: Digital Pigeon User, Digital Pigeon Power User, Digital Pigeon Admin |
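
When JIT provisioning or role mapping does not behave as expected, a quick check of the attribute statement against the supported attribute list above can narrow the cause. The following is an added example, not part of Digital Pigeon's or Okta's own tooling; the sample XML is constructed, and the case-sensitive name comparison is an assumption.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Attribute names and role values taken from the supported-attributes list above.
SUPPORTED_NAMES = {"User.firstName", "User.lastName", "User.email", "role"}
ALLOWED_ROLES = {"Digital Pigeon User", "Digital Pigeon Power User", "Digital Pigeon Admin"}

# Constructed sample: an AttributeStatement from a decoded SAML response.
# All values are made up for illustration.
SAMPLE = """\
<saml:AttributeStatement xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Attribute Name="User.firstName"><saml:AttributeValue>Ada</saml:AttributeValue></saml:Attribute>
  <saml:Attribute Name="user.email"><saml:AttributeValue>ada@example.com</saml:AttributeValue></saml:Attribute>
  <saml:Attribute Name="role"><saml:AttributeValue>Admin</saml:AttributeValue></saml:Attribute>
</saml:AttributeStatement>
"""

def read_attributes(xml_text):
    """Return {attribute name: [values]} for every saml:Attribute in the XML.

    This only inspects attributes; it does not verify the assertion signature.
    Use it on XML you captured yourself, not on untrusted input.
    """
    root = ET.fromstring(xml_text)
    attrs = {}
    for attr in root.iter("{%s}Attribute" % NS["saml"]):
        values = [(v.text or "").strip() for v in attr.findall("saml:AttributeValue", NS)]
        attrs.setdefault(attr.get("Name", ""), []).extend(values)
    return attrs

def check_attributes(xml_text):
    """List mismatches between the assertion and the supported attribute list."""
    problems = []
    for name, values in read_attributes(xml_text).items():
        if name not in SUPPORTED_NAMES:
            # Assumption: attribute names are compared case-sensitively.
            problems.append(f"unsupported attribute name: {name!r}")
        elif name == "role":
            for value in values:
                if value not in ALLOWED_ROLES:
                    problems.append(f"role value not in allowed list: {value!r}")
    return problems

if __name__ == "__main__":
    for problem in check_attributes(SAMPLE):
        print(problem)
```
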
SP-initiated SSO
- Enter the email address of an SSO enabled Digital Pigeon account.
- Click Next to initiate the SAML authentication flow.
IdP-initiated SSO
- Go to https://<your-okta-domain>.okta.com/app/UserHome
- Click Digital Pigeon
Troubleshooting
If you need to modify the SSO configuration (e.g. verify/correct a mistake, or update/disable SSO due to an IdP issue), remember that you can bypass SSO for owner logins. Use the following URL to log in with Digital Pigeon internal authentication:
https://digitalpigeon.com/login?samlBypass=true
If you're experiencing issues with SSO setup, please refer to our dedicated SSO Troubleshooting KB guide:
SSO - Troubleshooting – Digital Pigeon (zendesk.com)
If you're still having trouble, don't hesitate to contact Digital Pigeon support at help@digitalpigeon.com