Skip to main content

SAML SSO Setup with Okta

This guide explains how to configure SAML 2.0-based Single Sign-On (SSO) between Okta and Fairjungle.

Once set up, users can log in to Fairjungle securely using their Okta credentials, streamlining access and improving security.

Prerequisites

Before you begin, make sure you have:

  • Admin access to Okta
  • Admin access to Fairjungle

Supported features

The Okta/Fairjungle SAML integration currently only supports SP-initiated SSO : this authentication flow occurs when the user attempts to log in to the application from Fairjungle.

For more information about SSO workflows, visit the Okta Glossary.

Step 1: Create a SAML SSO Integration in Fairjungle

  1. Log in to your Fairjungle Admin Console
  2. Go to the SSO tab
  3. Click the SAML button
  4. Enter the name of your new SSO Connection* (for instance "My Okta Connection")
  5. Leave this page open while you configure your new SAML App in Okta

Step 2: Create a New SAML App in Okta

  1. Log in to your Okta Admin Console
  2. Go to Applications > Applications
  3. select Browse App Catalog and search for Fairjungle
  4. Click Add Integration and then click Next
  5. Select the Sign On tab for the Fairjungle SAML app, go to Sign on methods > SAML 2.0 > Metadata details, and then click on More details
  6. Copy the Issuer, Sign on URL and Signing Certificate

Step 3: Configure the SAML Settings in Fairungle

  1. Copy the Okta Issuer into Fairjungle IdP Issuer (entity id)
  2. Copy the Okta Sign on URL into Fairjungle IdP SSO URL
  3. Copy the Okta Signing Certificate into Fairjungle IdP Certificate (base64)
  4. Save your new Fairjungle SAML connection

Step 4: General Settings

  • App label: Fairjungle or any name that will help identifying your new SSO connection to Fairjungle in your Okta account

Step 5: Finish Setup and Assign Users

  1. Review the configuration summary
  2. Click Finish to create the app
  3. Go to the Assignments tab
  4. Assign the Fairjungle app to appropriate users or groups

Attributes mapping

The following SAML attributes are supported:

NameValue
emailuser.email
firstNameuser.firstName
lastNameuser.lastName
uiduser.login

Optional: Enforce SSO Login in Fairjungle

If you want to require users to log in only via SSO:

  • Fairjungle can restrict login for users under a specific domain (e.g. @yourcompany.com)
  • Contact support to enable this enforcement policy

SP-initiated SSO

  1. Go to: https://[your-subdomain].app.fairjungle.com/
  2. Click Login with Okta.