Workstream has the capacity to support integration with SAML 2.0 through Okta. Integrating Okta and Workstream allows you to maintain your organization's SSO requirements, and ensures your Workstream user provisioning fits into pre-existing workflows. This article will walk you through setting up SAML 2.0 for your Workstream workspace so that you can begin using these features.

Supported Features

The Okta/Workstream SAML integration currently supports the following features:

  • IdP-initiated SSO

  • JIT (Just In Time) Provisioning

  • SCIM Provisioning

For more information on the listed features, visit the Okta Glossary.

Installing the Workstream App

To get started, you (or your Okta administrator) will need to install the Workstream app in Okta. Follow the steps below to add the integration:

  1. Login to Okta as an admin

  2. Click on the "Applications" link under the "Applications" heading on the lefthand navigation

  3. Click on "Browse App Catalog"

  4. Search for "Workstream"

  5. Click the "Add Integration" button

  6. On the next page, either rename the application label, or leave it as is. Then click "Done" to install the integration

Initiating the SAML Connection

Setting up SAML will require coordination between an Okta admin and Workstream's team. To get the process started, send a request to [email protected] or through the support widget at the bottom of this page with the following information:

  • Company Name

  • Whether SCIM should be enabled

  • Point of contact name

  • Point of contact email

  • Identity Provider Single Sign-On URL

    • This is a unique URL for your Workstream app within Okta. To locate it, navigate to the Workstream app, and find the Sign On tab

    • Then find the "View Setup Instructions" button under SAML 2.0.

    • Copy the URL from the Identity Provider Single Sign-On URL box, and add it to your message for the Workstream team. This will enable us to configure the integration correctly on the backend.

Our team will respond back as soon as possible to get the integration started.

Further Configuration Steps

Once the Workstream team has set up SAML for your app, there are a few additional configuration steps you will need to take:

  1. Configure SAML attributes

  2. Set up SCIM Provisioning (optional)

  3. Assign the appropriate users to the Workstream app

Once these steps have been completed, your Workstream app should be ready to use with SAML 2.0 via Okta.

SAML Attributes

The following SAML attributes are supported. To make registration quicker for users, it's best to map as many attributes as you can. At a minimum ensure the attributes marked required are mapped.

Name

Value

Required?

email

user.email

required

given_name

user.firstName

required

family_name

user.lastName

required

Did this answer your question?