Okta how to pass groups in assertion SAML

Question

Trying to integrate our organisation's web app with Okta's SSO.

Everything works smoothly except that I can't find a way to pass the native Okta groups which the user is part of in the assertion SAML (there's no such option in the 'Edit SAML Integration' form).

Any idea how to do that?

score 2 · Answer 1 · edited May 23 '17 at 12:07

2

I came across this issue myself, and answered myself here

I added a very detailed explanation how it can be achieved

In short, you just need to specify a groups attribute statement to your Okta SAML 2.0 template specifying what groups you'd like to expose to your SP

edited May 23 '17 at 12:07

Community

1
1

answered May 04 '16 at 04:48

buddy123

5,679
10
47
73

Does anyone know how can I get more details about a group in SAML assertion response? I understood only group names will be returned... specifically I like to get the user group groupIDs. – Nir B Apr 22 '20 at 10:54

score 0 · Answer 2 · answered Jun 17 '15 at 17:05

0

To have Okta include group information into SAML assertions, you'll need to use the Okta Template SAML 2.0 App, in particular, you'll need to set the Group Name and Group filter options to configure which groups will be included in the SAML assertion.

answered Jun 17 '15 at 17:05

Joël Franusic

1,178
8
18

Okta how to pass groups in assertion SAML

2 Answers2