This is the step-by-step guide for setting up SSO in Epiphan Cloud using Okta.
NB: IDP-initiated flow doesn’t work: Okta Help Center (Lightning) , which means users can’t log in to Epiphan Cloud from Okta itself. The only working option is to log in from Epiphan Cloud login page.
-
Log in to Okta Admin Console → Applications → Create App Integration.
-
Choose SAML 2.0 and click Next.
-
General Settings → Name it (e.g.,
OurApp SSO). - SAML Settings:
EU Epiphan Cloud Server (eu.epiphan.cloud)
-
-
Single sign-on URL:
https://auth-eu.epiphan.cloud/saml2/idpresponse(check “Use this for Recipient URL and Destination URL”) -
Audience URI (SP Entity ID):
urn:amazon:cognito:sp:eu-central-1_2noEzyvlA
-
US Epiphan Cloud Server (go.epiphan.cloud)
-
-
Single sign-on URL:
https://auth.epiphan.cloud/saml2/idpresponse(check “Use this for Recipient URL and Destination URL”) -
Audience URI (SP Entity ID):
urn:amazon:cognito:sp:us-east-1_PkzSxf9ng
-
-
Application username:
Email -
Attribute Statements (Optional) — add:
-
Name:
email→ Value:user.userprincipalname(or any email attribute) -
Name:
given_name→ Value:user.givenname -
Name:
family_name→ Value:user.surname -
-
-
Finish → View Sign On tab → Identity Provider metadata → Download and send us
metadata.xml. -
Test SSO login after we set it up on our side