Add Group Attribute Statement: Name = ds_groups; Value Filter Contains "Paxata" (or whatever Okta groups are allowed to login to Paxata).
Click Next. Choose "I'm a software vendor. I'd like to integrate my app with Okta". Click Finish. SAML application is created.
Create Okta Groups and assign users to each groups. Paxata uses these groups to map to Paxata groups and roles, so that users can login to paxata.com with appropriate group and roles.
What Paxata Support needs:
0. (Optional) REST token from your paxata.com user. After setup is completed, you can regenerate the token, which will automatically invalidates the old tokens. 1. All values with underscore field names above, such as:
Alias SP Entity Id Single Sign On URL (aka. Assertion Consumer Service) Audience Restriction (SP Entity Id) Attribute Statements Group Attribute Statements
2. Identity Provider Metadata. In Okta, you can download this file in Application's Sign On Tab. 3. List of Okta groups of users who will be able to login to Paxata.com. For example:
Sample Paxata Okta Business Users Group Sample Paxata Okta Admin Group
4. List of roles the Okta groups should be assigned to. For example: