Okta can be used as a Workspot Identity Provider (IdP) by configuring Okta as a SAML 2.0 Service Provider in Workspot Control. This allows the Workspot Control administrator to single sign-on into Control through the Okta web portal.
See Okta Authentication for Workspot Clients to configure Client authentication.
For more information on Workspot’s SAML support, see Control SAML Support.
For more information on Workspot’s Okta support, see .
For more information on Okta refer to: https://www.okta.com.
Prerequisites and Configuration Notes
The following are general prerequisites for this guide:
Okta administrator login.
Workspot Control administrator login.
We will perform configuration first in the Okta administrator’s portal, then in Workspot Control.
Okta Configuration for Workspot Control
This section outlines the steps to add and configure the Workspot Control app into the Okta web portal.
Sign into the Okta administrator console.
Click “Add Application > Create New Application.”
Select “SAML 2.0” and then “Create.”
In “App name,” enter “Workspot Control,” then click “Next.”
In “SAML Settings,” enter the following into “Single sign-on URL”: https://customeridentifier.workspot.com/saml/assertion, using the your Workspot Customer Identifier in the “customeridentifier” field.
Similarly, enter the following into “Audience URI”: https://customeridentifier.workspot.com/saml/metadata.
Click “Download Okta Certificate.”
Save this Okta certificate for use when configuring Workspot Control.
Rename the file from “okta.cert” to “okta.crt.”
Click “Show Advanced Settings.”
“Under Advanced Settings”, set the “Assertion Encryption” to “Encrypted.”
Download the Workspot Encryption Certificate from: https://download.workspot.com/workspotstar.crt.
Note: This is a Workspot certificate and not the Okta certificate downloaded in the previous step.
Back in the Okta Administrator Console, use “Browse files…” to upload the Workspot certificate to Okta.
In the “Attribute Statements (Optional)” section, enter the Name “emailaddress” and select “user.email” from the “Value” dropdown. Click “Next” and then on the next screen click “Finish.”
On the “Sign On” tab, click “View Setup Instructions.”
Copy and save the “Identity Provider Single Sign-on URL” and “Identity Provider Issuer” URL.
Assign the Workspot Control app to the user or group. For more information, see the Assign Applications section of Okta’s Access and customize app integrations page.
Workspot Control Configuration for Okta
Once the Okta configuration is complete, use a Control Administrator’s account to sign-in to the Workspot Control site, https://control.workspot.com.
Go to “Setup > SAML.”
For the “Entity ID,” paste the “Identity Provider Single Issuer URL” from step 13 above.
Similarly, for the “Signon Service URL,” paste the Identity Provider Single Sign-on URL.
For the Logout Service URL, enter https://youroktadomain.okta.com/login/default where “youroktadomain.okta.com” is the domain which you use to login to Okta.
Then click “Choose File” and upload the Okta certificate okta.crt from step 7, above.
Testing the Configuration
To test the configuration,
Sign into the Okta web portal
From the portal, click on the Workspot Control icon.
After a signing in page, the Control dashboard will be displayed.
