The instructions below explain how to create an EliseAI application in SAML, as well as how to obtain the SSO Login URL and X.509 Certificate to provide to us.
OKTA
-
On the Okta Dashboard, navigate to the Applications page in the left sidebar
-
Click Create App Integration
-
In the pop up, select SAML 2.0 as the sign-in method and click Next
-
Under General Settings, enter "EliseAI" as the App name
-
Under SAML Settings, input the following using the Connection Name we provided:
-
Single sign-on URL: https://login.meetelise.com/login/callback?connection=<ConnectionName>
-
Be sure to check the box underneath that reads "Use this for Recipient URL and Destination URL"
-
-
Audience URI (SP Entity ID): urn:auth0:meetelise:ConnectionName
-
-
Under Attribute Statements, input the following (the Name format for each should be "Unspecified"):
-
Name = given_name; Value = user.firstName
-
Name = family_name; Value = user.lastName
-
Name = email; Value = user.email
-
Name = title; Value = user.title
-
Name = department; Value = user.department
-
Note that although it says "optional", this page must be filled out
-
-
Under Group Attribute Statements, input the following:
-
Name = groups
-
Name format = Unspecified
-
Filter = Matches regex
-
-
Press Next
-
Provide feedback for Okta if you wish
-
Click the Sign On tab near the top of the page
-
At the bottom of the right sidebar, click View SAML setup instructions
-
Send us two pieces of information from the page that opens:
-
Copy the Identity Provider Single Sign-On URL
-
Download the X.509 Certificate
-
-
Assign to the users who will be using the EliseAI application
Azure Entra (Active Directory)
-
On the Default Directory Overview page, select Enterprise applications from the left sidebar
-
Click New application at the top of the page
-
Click Create your own application at the top of the page
-
In the right side panel that pops up, enter "EliseAI" as the Input name
-
Make sure to select "Integrate any other application you don't find in the gallery (Non-gallery)"
-
-
Select Single sign-on from the left sidebar
-
Select SAML as the single sign-on method
-
Click Edit in the top right of the Basic SAML Configuration box
-
In the right side panel that pops up, click Add identifier and input the EntityID
-
Also in the right side panel, click Add reply URL and input the ACS
-
Once complete, send us two pieces of information from the SAML-based Sign-on page:
-
Download and send the Certificate (Base64) from the SAML Certificates box
-
Copy and send the Login URL from the Set up SamlWalkthrough1 box
-
Please enter the information found in OKTA steps 5 and 12 to the SSO Settings page in EliseCRM.