This article is intended for network administrators who have experience setting up Okta with SAML authentication. It outlines how to set up and establish a connection with Nearmap.
The following pieces of information must be shared between MyAccount and your IdP, which involves switching between the two applications during the setup process.
Setting up SAML integration
- Connection ID in MyAccount - You will need this value to create the connection to Nearmap.
- Metadata URL in your IdP settings - You will need to specify this value in MyAccount to create the connection.
Open the Create SAML Integration wizard.
On the General Settings tab, give the application a name and click Next.
- On the Configure SAML tab:
- Edit the Basic SAML Configuration. Enter values for:
- Set the Identifier (Entity ID) to
urn:auth0:nearmap:<your Connection ID>
- Set the Reply URL (Assertion Consumer Service URL) to
https://auth.nearmap.com/login/callback?connection=<your Connection ID>.
- Name ID format - to EmailAddress
- Application username - to Email
Configure attribute statements. These map user properties to the SAML2 attributes sent to Nearmap.
You must have an attribute statement with:
- Name email, Value user.email
To support Just In Time provisioning you must have attribute statements:
- Name family_name, Value user.lastName
- Name given_name, Value user.firstName
Leave Name format set to its default value, and pass other user properties to Nearmap to populate the user at provisioning by adding attribute statements with Name:
- job_title (preferred) or title
- org_unit - for organisation unit; this can be department, division, region, etc.
- Click Next .
On the Feedback tab, select I’m an Okta customer adding an internal app, and click Finish.
On the Sign On tab, right-click the “Identity Provider metadata” link, select Copy link address , and paste the copied address into the Identity Provider Metadata URL when you set up a Delegated Authentication connection in Nearmap MyAccount.
- Assign Nearmap applications to your users .