Setting up SAML 2.0 with Okta

Use Okta to authenticate with Hive

Written by Anton Suarez
Updated this week

Requirements

You must have an existing Hive workspace with the Enterprise Security Add-on. You must also be a system-level administrator in that Hive workspace.

Supported Features

  • IdP-initiated SSO

  • SP-initiated SSO

  • JIT (Just in Time) Provisioning

Configuration Steps

After adding Hive from the Okta OIN, verify or configure the 'Workspace ID' value in the "Advanced Sign-on Settings" section, which appears when you edit Settings on the "Sign On" tab of the application in Okta. To find your workspace ID in Hive, open the top-right user menu (click on your avatar) and choose the 'Edit profile' option, then go to the 'API Info' link in the left menu. Your workspace ID is shown there, along with other fields used later in the setup, so keep this page open. Copy the workspace ID into the 'Workspace ID' field in the Okta integration setup and click "Done".

Next, configure your Hive account to work with your Okta SAML setup. In Hive, open the top-right user menu (click on your avatar) and choose the 'Settings' option under the "Workspace Settings" section. Then choose "Enterprise Security" from the left nav and scroll to the SAML section on the right.

You will need to copy "SAML SSO URL" (Sign on URL), "Identify Provider Issuer" (Issuer), and "Certificate" (Signing Certificate) from Okta into Hive. These values can be found under "Metadata details" on the "Sign On" tab in your Okta application.

SP-initiated SSO

Notes

The following SAML attributes are supported:

  • firstName (user.firstName)

  • lastName (user.lastName)