How to Configure SAML 2.0 for Extic

This setup might fail without parameter values that are customized for your organization.
Please use the Okta Administrator Dashboard to add an application and view the values that are specific for your organization.


Read this before you enable SAML
日本語の設定手順はこちらhttps://www.exgen.co.jp/extic/Okta-Setting_ja.html


Contents
Prerequisites Supported Features Okta Configuration steps Extic Configuration steps Troubleshooting and Tip

Prerequisites
  • Enable External IdP Authentication Option

Supported Features
  • SP-initiated SSO

Okta Configuration steps
  1. Log in to Okta as administrator
  2. Applications-Browse Menu Selection
  3. Click Browse App Catalog button
  4. Search Extic
  5. Click Extic
  6. Click Add Integration
  7. Input Application label
  8. Input Extic Subdomain
  9. Click Done
  10. Click Assign and select the users or groups you want to grant access to
  11. Click Sign On
  12. SAML Signing Certificates – Actions Selection
  13. Click View IdP metadata
    • Set entityId and Location to Extic

  14. Click Download cettificate
    • Set the certificate to Extic
  15. Click Edit
  16. Enter the Extic SAML ID obtained from Extic
  17. Click Save button

Extic Configuration steps
  1. Apply to the Support Center to use the external IdP authentication option
  2. Log in to Extic as administrator
  3. Configuration - External IdP Authentication Menu Selection
  4. Click Add New External IdP button
  5. Input display name
  6. Input of SAML entity ID obtained from Okta
  7. Input the endpoint URL of the SAML IdP obtained from Okta
  8. Upload the certificate (.pem extension) of the SAML IdP obtained from Okta
  9. Click the Save button
  10. Click on the SAML SP Info button
  11. Set Extic SAML ID to Okta
    https://xxx.ex-tic.com/auth/session/Extic SAML ID/saml2
  12. Click on User Menu
  13. Click the Add New User button
  14. Fill in the required fields and select the IdP you have set from the IdPs to be used for authentication, then click the Add button.
  15. Go to https://<subdomain>.ex-tic.com/, enter your user name and click the Next button.
  16. You will be redirected to Okta's login screen for authentication.

  17. The Extic top screen appears.
  18. If you do not want to display the Extic login screen when logging in, register only one external IdP setting and click the automatic redirect button.
    ※Make sure the administrator can log in using an external IdP before setting up.
  19. Click the Activate button

Troubleshooting and Tip
  • If you want to enable external IdP auto redirection, Make sure the administrator can log in using an external IdP before setting up.
  • The initial administrator cannot use the external IdP authentication function. (Can only log in with Extic)