You will need values from your UserVoice metadata XML found at
<subdomain> with your subdomain).
1. General Settings
- In Okta, in the left nav click Applications → Applications.
- Click Create App Integration and then select SAML 2.0 → and click Next.
- In the App Name box, choose a name for your application, then click Next.
2. Configure SAML
In the Single sign-on URL text box enter
In the Audience URI text box enter your
entityID. This is your full UserVoice URL without
https://or slashes. You can also find it in the metadata.xml.
In the Default Relay State text box, enter your UserVoice URL -
- For the Name ID Format, select EmailAddress
- For the Application username, select Email
- Under the Attribute Statements section, add an attribute with the Name: email, Name format: URI Reference, and Value: user.email
- No further configuration required. Click Next.
3. Obtain the Remote Sign-In URL
- Navigate back to the Application → Sign-On, and scroll down to SAML Signing Certificates.
- Click View SAML setup instructions (on the right).
- Scroll to Step 1 and copy the Identity Provider Single Sign-On URL for use in the UserVoice Configuration.
4. Obtain SAML Cert
- Navigate back to Sign-On and scroll down to SAML Signing Certificates.
- If you don't already have one, generate a SHA-2 cert.
- Next to the cert, click Actions → Activate.
- Now click Actions → Download. This will download okta.cert file for use in the UserVoice Configuration.
5. Assign Users
- Navigate to the Assignments tab
- Click the Assign Button → Assign to People
- Add people assignments
Note: Make sure to assign users to the application otherwise they will not gain access to UserVoice.
You should have your Remote Sign-In URL and have downloaded the SAML cert before proceeding.
- In UserVoice, navigate to Settings → General → User Authentication → Edit.
- Click the plus next to Single Sign On (SSO) to add a configuration.
- Give your button a label and an icon (optional).
- In the Remote Sign-In URL text box, enter the Remote Sign-In URL you obtained in Step 3.
- Upload the .cert file obtained in Step 4.
- Click Save.