Requirements

• Admin access to an Okta tenant

That’s it for requirements! All Ben instances are configured for SAML by default, so you just need to follow the rest of the guide to get up and running

Supported Features

• IdP-initiated SSO
• SP-initiated SSO

For more information on the listed features, visit the Okta Glossary.

Configuration Steps

<aside> ⚠️

Enabling SAML will affect all users who use the Ben app. Ben doesn't provide a backup sign-in URL where users can sign in using their regular username and password. If necessary, contact Ben Support ([email protected]) to turn off SAML for your instance.

</aside>

1. In the Okta dashboard, navigate to Applications ****and then select the Applications sub-menu.

1. Click on Browse App Catalog and search for Ben and add the application.

1. Navigate to the Ben application. Go to the Sign On tab on and copy the Metadata URL

1. Contact the Ben Implementation Manager helping to onboard you, or reach out to the support desk, and request that they enable SAML for your account, including the Metadata URL with your request
2. The Ben Support team will process your request and will provide you with the Customer ID value
3. In Okta, select the Sign On tab for the Ben app, then click Edit.
   • Scroll down to Advanced Sign-on Settings.
   • Enter your Customer ID (step 5) into the corresponding field.
   • Click Save.

SAML attributes