OKTA Integration

Please use the following Dalet Flex-specific settings where appropriate:

General

A single sign on URL is a call back url that an Identity Provider calls back upon authentication success.

Application Single Sign On URL
Dalet Flex Console https://oktatest.qa1.ooflex.net/login/saml/SSO
FlexMAM https://oktatest.qa1.ooflex.net/mam/saml/SSO
FlexREVIEW https://oktatest.qa1.ooflex.net/review/saml/SSO
Metadata Designer https://oktatest.qa1.ooflex.net/metadata/saml/SSO
Workflow Designer https://oktatest.qa1.ooflex.net/workflow/saml/SSO
FlexMOVE https://oktatest.qa1.ooflex.net/upload/saml/SSO

Audience Restriction

The audience should be set to one of the following for the appropriate application:

Application Audience Restriction
Dalet Flex Console (Enterprise) urn:ooyala:flex:flex-login-app
FlexMAM urn:ooyala:flex:flex-mam-app
FlexREVIEW urn:ooyala:flex:flex-reviewer-app
Metadata Designer urn:ooyala:flex:flex-metadatadesigner-app
Workflow Designer urn:ooyala:flex:flex-workflowdesigner-app
FlexMOVE urn:ooyala:flex:flex-webtransfer-app

Attribute Statements

The following attribute statements must be configured: 

Name Name Format Value
login Basic user.login
email Basic user.email
firstName Basic user.firstName
lastName Basic user.lastName
flexAccountUuid Basic See below:

The flexAccountUuid attribute statement should be set to the UUID of the account that this IdP is being configured for. The Account UUID can be found on the Account details page in Dalet Flex Enterprise.