All Collections
Technical details for configuring your workspace
BI integrations, SAML and Service Accounts
Configuring SAML 2.0 for Workstream
Configuring SAML 2.0 for Workstream

Learn how to enable Okta authentication for your Workstream users

Nicholas Freund avatar
Written by Nicholas Freund
Updated over a week ago

Workstream has the capacity to support integration with SAML 2.0 through Okta. Integrating Okta and Workstream allows you to maintain your organization's SSO requirements, and ensures your Workstream user provisioning fits into pre-existing workflows. This article will walk you through setting up SAML 2.0 for your Workstream workspace so that you can begin using these features.

Supported Features

The Okta/Workstream SAML integration currently supports the following features:

  • IdP-initiated SSO

  • JIT (Just In Time) Provisioning

  • SCIM Provisioning

For more information on the listed features, visit the Okta Glossary.

Installing the Workstream App

To get started, you (or your Okta administrator) will need to install the Workstream app in Okta. Follow the steps below to add the integration:

  1. Login to Okta as an admin

  2. Click on the "Applications" link under the "Applications" heading on the lefthand navigation

  3. Click on "Browse App Catalog"

  4. Search for "Workstream"

  5. Click the "Add Integration" button

    Image pointing to the "Add Integration" button for the Workstream Okta app

  6. On the next page, either rename the application label, or leave it as is. Then click "Done" to install the integration

Initiating the SAML Connection

Setting up SAML will require coordination between an Okta admin and Workstream's team. To get the process started, send a request to [email protected] or through the support widget at the bottom of this page with the following information:

  • Company Name

  • Whether SCIM should be enabled

  • Point of contact name

  • Point of contact email

  • Identity Provider Single Sign-On URL

    • This is a unique URL for your Workstream app within Okta. To locate it, navigate to the Workstream app, and find the Sign On tab

      Image with an arrow pointing toward the "Sign On" tab in the Workstream Okta app

    • Then find the "View Setup Instructions" button under SAML 2.0.

      Image with an arrow pointing to the "View Setup Instructions" button for SAML 2.0 in Okta

    • Copy the URL from the Identity Provider Single Sign-On URL box, and add it to your message for the Workstream team. This will enable us to configure the integration correctly on the backend.

      Image showing the format of an IdP Provider single sign-on URL

Our team will respond back as soon as possible to get the integration started.

Further Configuration Steps

Once the Workstream team has set up SAML for your app, there are a few additional configuration steps you will need to take:

  1. Configure SAML attributes

  2. Set up SCIM Provisioning (optional)

  3. Assign the appropriate users to the Workstream app

Once these steps have been completed, your Workstream app should be ready to use with SAML 2.0 via Okta.

SAML Attributes

The following SAML attributes are supported. To make registration quicker for users, it's best to map as many attributes as you can. At a minimum ensure the attributes marked required are mapped.

Name

Value

Required?

email

user.email

required

given_name

user.firstName

required

family_name

user.lastName

required

Did this answer your question?