Configuring Okta SAML SSO

This guide shows how to configure Okta SAML Single Sign On (SSO) for Brilliant Assessments. This article assumes you already understand Okta Portal. It is not a general Okta tutorial.
 

1. Prerequisites

• Requires an Okta account and familiarity with the Okta admin console.
• Access to Brilliant Assessments Site Settings.

2. Create the Okta SAML application

• From the Okta Admin console, expand Applications and choose Add Application.

• Select Create New App and then select Web / SAML 2.0 from the popup.

3. General settings

• Under General Settings:
  • Give the app a meaningful name, such as Brilliant Assessments.
  • Optionally add your custom logo or download and use the Brilliant Assessments logo.
  • Choose Next to save the settings and move to Configure SAML.

4. Configure SAML in Okta

• Under Configure SAML:
  • Single sign-on URL:
    https://subdomain.brilliantassessments.com/Account/AssertionConsumerService 
  • “subdomain” above should be replaced with your company subdomain. For example: 
    https://mycompany.brilliantassessments.com/Account/AssertionConsumerService 
  • Audience URI (SP Entity ID):
    http://BrilliantAssessmentsServiceProvider
  • Leave all other options at their default values and scroll down to Attributes.

5. Map user attributes

• Add Attribute mappings for the following fields. This information is passed through to Brilliant Assessments. At a minimum, we require email. It is recommended to also provide FirstName and LastName so these can be prepopulated for the user.

6. Feedback and saving the app

• Scroll down. You may choose to preview the XML Assertion and save the file for later use. Brilliant Assessments may require this file if we need to troubleshoot any settings.
• Select Next, which will take you to the Feedback tab. Most of this information is optional feedback you can choose to provide to Okta. At a minimum you may need to select Okta customer adding an app that requires SAML. Scroll to the bottom and select Next to complete this section.

7. View setup instructions and download certificate

• On the next page, scroll down to SAML 2.0 and click View Setup Instructions. The values shown there will be entered on the Brilliant Assessments Site Settings page.

• Download the certificate from the Settings page.

8. Configure SSO in Brilliant Assessments

Open a new browser tab and login to Brilliant Assessments. 

Before you can manage SSO, you must first enable the feature:

1. Go to Site Settings > Features > General
2. Tick the "Use SSO" checkbox
3. There will be a SSO tab appear under Features
4. Click Save

When you click on the SSO tab, you will see the SSO Config tab. 

• Enter the settings from your Okta SAML Settings page.
• Upload the certificate you downloaded in the previous step.

• You can provide the same URL for both Sign on URL and Logout URL.

  

9. Assign users and test

• Back in your Okta Admin Portal, navigate to Assignments and add users as required. Enable self-service according to your organization policy.

Now you can navigate back to the end user dashboard and, if you have assigned yourself to the application, you will be able to click the tile to login to Brilliant Assessments.