As a first step, log in to Sophie with an administrator account.
Go to Settings, then choose Manage Users:
In the inner menu, choose Identity Providers, then in the drop-down select SAML v2:
Fill out the Alias and Display Name fields:
Take note of the Redirect URI.
Next, create a new application on Okta. Go to Applications and click "Add Application". Choose "Web" as Platform and "SAML 2.0" as Sign on method:
Click "Create", then name your application, click "Next", and fill out the Single sign on URL with the Redirect URL taken from Sophie:
Next, add attribute mappers. At the very least, add login, email and groups mappers as follows:
Complete the wizard.
Select the "Sign On" tab and copy the link of the Identity Provider metadata:
Back in Sophie, scroll to the end of the form, then import the metadata using the Identity Provider metadata URL:
Toggle Trust Email (should be active), then click Save.
As a last step, create mappers to automatically import attributes or map them to roles.
To map an attribute to a Role (the example shows assigning all users of group
To import an attribute:
To determine what will be the username:
Next time you see the login screen, a new login option should appear:
That's it! You should now be able to sign in using your Okta Identity Provider.