I am trying to integrate SAML in an ongoing project for one of our clients. I am new to Okta and its services. The only thing, the client wants to input okta URL and upload certificate in the admin panel. Rest I have to create a login module using okta. My question is what is the use of a certificate? How can I use that certificate in the project? If possible please share any info on how to develop this in PHP preferable.
1 Answers
0
votes
Two reasons a client ( presumably the application requiring SSO with Okta ) would provide you with a certificate. 1) They are signing the SAML Request, in which case you need to be able to verify the signature. I don't believe OKta supports signed requests, which would rule this out. 2) They want the SAML Response encrypted. In which case you would include the public key provided in the Okta application configuration.
Niall
