Okta Classic Engine | Integrations | Answered | 2024-05-10T20:57:35.000Z | 2021-01-21T21:44:13.000Z | 2021-01-24T22:38:49.000Z

1sohs (1sohs) asked a question.

Where do I get the SAML assertion for Okta like this one from AWS? https://signin.aws.amazon.com/static/saml-metadata.xml

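      // Requires: using System.IO; using Amazon.Runtime;
      //           using Amazon.SecurityToken; using Amazon.SecurityToken.Model;
      var roleArnToAssume = "arn:aws:iam::123456789012:role/testAssumeRole";
      var principalArn = "arn:aws:iam::123456789012:saml-provider/testSamlProvider";

      // Place your base64 encoded SAML response on this line with no whitespace
      // https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_saml_relying-party.html
      string base64SamlFile = "saml.xml.b64";

      if (File.Exists(base64SamlFile))
      {
        // Trim so a trailing newline in the file is not sent as part of the assertion
        string samlAssertion = File.ReadAllText(base64SamlFile).Trim();

        // AssumeRoleWithSAML is not signed with AWS credentials, hence the anonymous client
        var stsClient1 = new Amazon.SecurityToken.AmazonSecurityTokenServiceClient(new AnonymousAWSCredentials());

        var assumeRoleReq = new AssumeRoleWithSAMLRequest();
        assumeRoleReq.DurationSeconds = 3600;
        assumeRoleReq.RoleArn = roleArnToAssume;
        assumeRoleReq.PrincipalArn = principalArn;
        assumeRoleReq.SAMLAssertion = samlAssertion;

        // Exchange the assertion for temporary credentials
        // (synchronous call on .NET Framework; use AssumeRoleWithSAMLAsync elsewhere)
        var assumeRoleRes = stsClient1.AssumeRoleWithSAML(assumeRoleReq);
      }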

  • Hi Peter,

     

    Marian here from Okta support, I will assist you today with this inquiry. 

     

    If you are asked by the SP to provide the metadata file, the needed information can be acquired from the configured Template SAML App. 

     

    Steps to download or view the metadata file:

    1. Add a SAML Template App to your org.
    2. On the 'General Settings' screen enter all known information. For fields that are not yet known, type 'PLACEHOLDER'. 
    3. Select 'Next'
    4. Do not assign the app to any users, select 'Next'
    5. Select 'Done'.
    6. Select the 'Sign On' tab. 
    7. In the 'Settings' section, right-click the Identity Provider metadata link. To view it, click on it; to download it, select Save As or Save Link As (depending on the browser).
    • By default, the file downloads with the filename "metadata" and no file extension. You may therefore need to change the filename to "metadata.xml" in order to upload it to your SP.

    CAUTION - This information is dynamically generated. If you provide this metadata to your SP, you MUST use this template app to perform your integration. If the application is modified after generating the metadata, it's recommended to download the metadata file again and update it on the SP side.

     

    Thank you,

    Marian Ungureanu

    Technical Support Engineer

    Okta Global Customer Care

This question is closed.