f5dey (f5dey) asked a question.
Hello!
I am currently working on a migration from Cognito to Okta for our applications federated single-sign-on infrastructure. We currently have two production customers set up in Cognito as SAML 2.0 federated identity providers.
As I am not a SAML expert I wanted to see if directly porting the SAML setup from Cognito (with metadata from each IdPs metadata XML) would work without client intervention? Would there be any work necessary in a basic SAML 2.0 handshake that would require our customers to update information on their IDP end? I couldn't find any info on this in the Okta docs (other than how to create a SAML 2.0 IdP in the Okta management portal)
We will be adding these customer IdPs as Identity Providers utilizing IdP Routing Rules to route to the proper Okta application.
Thanks much!
Hi Tyler,
My name is Andres, Okta support engineer level2, and I will be assisting you with your concerns,
When we configure an IDP in Okta we may change some information on the IDP side, such as Assertion Consumer Service URL and Audience URI, it depends on the needs of those IDPs. At the end all SAML2.0 configurations require both parties to configure something.
https://developer.okta.com/docs/guides/add-an-external-idp/saml2/configure-idp-in-okta
If you have further questions regarding this or need help configuring this please open a ticket following these steps,
https://support.okta.com/help/s/article/How-to-Create-a-Support-Case
Regards.