Skip to main content
All CollectionsSingle Sign On (SSO) Setup
Blueink SSO Setup: Okta SAML
Blueink SSO Setup: Okta SAML

In this help article, we will explore how to set up SSO using OKTA SAML.

Raymund Mission avatar
Written by Raymund Mission
Updated over a week ago

Overview

This document contains instructions to configure Single Sign-On (SSO) into the Blueink

eSignature App using an Okta SAML connection.

The target audience for this document is Blueink Customers who use Okta as their IdP (Identity Provider).

If you want to setup SSO using a different IdP or Okta connection type, please visit

help.blueink.com for additional guides. If you would like to test out using Okta as an IdP for login into Blueink eSignatures (and into other Apps that support SSO), you can create a free Okta developer account at developer.okta.com/signup/.

Prerequisites

These instructions should be followed by someone who is an Admin of an Okta account, or who otherwise has permissions to create and configure customer applications in Okta.

Summary Instructions

A quick summary of the steps is as follows. Detailed instructions, with screenshots, can be found in the following section.

  1. Log into Okta as an administrator

  2. Create a new App Integration from the Applications tab, and select SAML 2.0 as the type

  3. In General Settings for the new App, enter a name (e.g. “Blueink”) and optional logo

  4. In the Configure SAML Form:

    1. Enter the ACS URL provided by Blueink as the Single sign-on URL

    2. Enter the AUDIENCE URI provided by Blueink as the Audience URI (SP Entity ID)

    3. For “Name ID format” select EmailAddress

    4. In Attribute Statements create two inputs:

      1. Name: firstName; Name format: Basic; Value: user.firstName

      2. Name: lastName; Name format: Basic; Value: user.firstName

    5. Click Save and Continue

  5. Copy the Metadata URL from the Sign On Settings tab in your new App, and send it to Blueink. Blueink will respond when we have configured the SSO on our end

  6. Go to the Assignments tab and assign Users and Groups in Okta who should be able to access the Blueink eSignature App

  7. Test a login by using the email address of a user that already exists in your Blueink eSignature account. Visit this URL to login:

    a. https://secure.blueink.com/auth/login

Detailed Instructions

Once you're logged in to the Okta Admin Dashboard, click Create App Integration in the

Applications tab:

Select SAML 2.0 and continue to the the General Settings form, enter the name of your

application and (optionally) your application's logo.

In the Configure SAML form:

  • Input the ACS URL provided to by Blueink as the Single sign-on URL

  • Input the AUDIENCE URI provided to you by Blueink as the Audience URI (SP Entity ID)

  • For Name ID format, select EmailAddress

  • In Attribute statements, create two inputs:

    • Name: firstName; Name format: Basic; Value: user.firstName

    • Name: lastName; Name format: Basic; Value: user.firstName

Your configuration page should look like the following:

Click Save and continue, indicating that this is an internal application on the last screen.

Send Metadata URL to Blueink

Copy the Metadata URL from the Sign On Settings tab in your newly created Okta application. Please send this URL via email to your Blueink Account rep, or to the Blueink support person assisting with your SSO configuration.

Blueink will setup the SSO connection on our end, and respond to you once that is complete. Typically, this process is quick.

The screenshot below shows where to find the Metadata URL in Okta.

Assign Users and Groups to the new App in Okta

On the Assignments tab under your application in Okta, assign the application to team members who should have access to it by clicking Assign:

Test Your Blueink SSO Connection

Now that you have an SSO Connection set up, you can test it out as follows:

  1. Log out of any active Blueink sessions in your browser

  2. Visit the test SSO login page at: https://secure.blueink.com/auth/login

  3. Enter your email address and you should be redirected to your Okta login page to enter your credentials

  4. You should then be redirected back to the Blueink dashboard

If you have any issues, don't hesitate to reach out to [email protected].

Conclusion:

By following these instructions, you'll be able to configure Single Sign-On (SSO) in Blueink eSignature App using an Okta SAML connection. Should you require support during the setup process, please don't hesitate to reach out to [email protected]. Kindly note that the metadata URL should also be sent to this email address for assistance with SSO setup.

Did this answer your question?