QReserve Academy
Single Sign-On with Okta
Single Sign-On with Okta requires several steps that are outlined here.
Supported Features
The Okta/QReserve SAML integration currently supports the following features:
- SP-initiated SSO
- IdP-initiated SSO
- JIT (Just In Time) Provisioning
For more information on the listed features, visit the Okta Glossary.
Configuration Steps
-
In your Okta Admin Dashboard go to Applications->Applications->Browse App Catalog
-
Search for QReserve then Add Integration
-
Click "Done"
-
Copy the metadata URL from the Sign On tab.
-
Submit your SSO request and attach your metadata with this form.
-
The QReserve Support team will process your request. After receiving a confirmation email, you can start assigning people to the application.
-
In Okta select the Sign On tab for the QReserve SAML app, then click Edit.
- Encryption Certificate: Save the following as encryption.crt then upload it to the app:
-----BEGIN CERTIFICATE----- MIIFLjCCAxagAwIBAgIUQxLRmiTlbRbzQalkfFB71zT7uIQwDQYJKoZIhvcNAQEL BQAwHDEaMBgGA1UEAxMRc2FtbC5xcmVzZXJ2ZS5jb20wIBcNMjQwMjA1MTkxMTQ4 WhgPMjEyNDAxMTIxOTExNDhaMBwxGjAYBgNVBAMTEXNhbWwucXJlc2VydmUuY29t MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1BcW+AkcMCHQAyqi3kKa BFoGZn681KRrzUeO9PSI253lJJylueR/4KPQt0iv1kOriA6lypPToCc3GwortU5Y TKU7YZVkqbbgaopm+DoGaOAHzl9mYEg2QBMduQoihxGlD62zPpbspe70QVxRWc3W BQSGvBDDujEOP8ICd+Gm02iFZi/Zrshhb6NY0ABGIu2fzKU4jKNXidqsgKDcpJ7x fCj/ZnBwzQFziJ9CWTEW8kzE6/ybAmiTQjX4tMGT2h88+rbvBGK/3KWxWKi8/g+A tw/FXUSQEFBL04Pc27ncArPLbCAUjl8pSG9AiS//tVjGC8WTJW0r36xnUzuxiJPO NqfiI+67vpI3OCfTwMn3C/Vlg0Idy75MYVyFUpMGy2qFSI/NcnftUwIqwIKwodUC qyn05pNsxihpMeK0040hrevbVplnJcj9SjvUsM23W3qRhDej5O48FUiQAW3XlC/o Q0tEvl/50fUT+WI9NAyt2NvpPNDeBERzagquvSa587WAeD+fsFgsjqDmDoomB1tJ as+5bvHPJh/QSYTQBzZE7A72ZonSgv30/Su22dArQWEvb7mDD8X1zLvXz49ZBouP ANNjjM9yeKsu3Z3Ok0kg5qOr9pFSG8YjtafEmCbOuGIAAXNBI66m2ItKt871uWxF 7q7ZzekVvdOimU2x7iF9EAcCAwEAAaNmMGQwQwYDVR0RBDwwOoIRc2FtbC5xcmVz ZXJ2ZS5jb22GJWh0dHBzOi8vc2FtbC5xcmVzZXJ2ZS5jb20vc3NvL2NhbmFyaWUw HQYDVR0OBBYEFDCh9KLk12pbSNa3JDyQ3VXG0VUgMA0GCSqGSIb3DQEBCwUAA4IC AQDIOug/OXwahWjLzg7DouybLg/kAfQvkK4o5OX5QfFnnb743oanjrpS5lByfyz0 6A+zgtntm7A/uYvjKGd8wSHVit+hePbhbFRPR3VfDxAAcsjjzZWlljJH4m4ZdLcs rIaZsOS7il6GrVUrlbtuUnYruopS0XPm8uzJf8j5UH29sRKpU7m/b4CgDugUqEau ZKDSQaTXb7fRHURU3nJCkrRX886g1xsd31pZ89ZnZ7LOFv37CbVj0p7YGbvW/cPU tDlF78b0OZwh+cY3nHInm3oPHDXec48JdcFmUaoxQOQNgTv3JcbhgAUIab6Ogbbz UwmBgmE3ELyPG1YUWOFAVBoZCYBGVI1kVtBIJegK7qbjVynrf3LQylvcOxMzXkke cy5Sc2xd41NLY0eIcHU3fo0fzrkc2pPt+2x6uAtR63nEYVs88GIV8tDeFOIi9LVB SRd4OSwDbDcVjZBX4D25gXutTZj2ykvzeERDxQJdw/SlGkOTnzacYHdXuIZlygPh d/rTb7ikK8O2zPhEdNvVC8LfYkjH8/Gd+RsthwE9vVH9tEG9glHo47ip5JVYp26g ArhLycYjPUPvjjBgtX9JeKZXnZi3tEZ2l3GxUqb5ZxNCn6Hx0/SlG2op4eRO/DK1 OgEzTy+Z6hd3fVUliP3oIhSt9mUAnpbFuJ8p9qZGYZrmMw== -----END CERTIFICATE-----
- Click Save.
-
Upload provided Encryption certificate to Okta
-
Done!
Supported SAML Attributes
The following SAML attributes are supported:
Name | Value |
---|---|
urn:oid:0.9.2342.19200300.100.1.3 | user.email |
urn:oid:2.5.4.42 | user.firstName |
urn:oid:2.5.4.4 | user.lastName |
urn:oid:2.16.840.1.113730.3.1.241 | user.displayName |
urn:oid:2.5.4.3 | user.nickName |
SP-initiated SSO
- Go to https://my.qreserve.com/login
- Click Sign In With Partner.
- Search for your organization, then click Sign In.