Skip to main content
How-to — task-oriented recipe.
Set up a custom application within Okta for authentication into Affinity.
  • Note: Custom SSO is only available for those on our Enterprise tier.
  1. Click on the Applications tab on the left sidebar, then click Create App Integration.
  1. On the following pop-up, select SAML 2.0, then click Next.
  1. Under the General Settings tab, fill out the App name. The App logo and App visibility fields can be filled out if you’d like. Then, click Next.
  1. Under the Configure SAML tab, fill out the following fields: 1.
Single sign-on URL: Note: Please replace subdomain with your actual Affinity subdomain. 
https://subdomain.affinity.co/auth/sso/saml-callback
Audience URI (SP Entity ID): affinity. Note: This can be changed to an ID of your preference, however, if it is not “affinity”, please provide us with your ID. 3. Default RelayState: {"platform", "web"}. Note: For an IDP-initiated setup, replace {"platform", "web"} with IDP-INITIATED-FLOW and let us know at support@affinity.co. 4. Name ID Format: EmailAddress
  1. Next, the Attribute Statements is not optional and must be filled out, since Affinity would need the user’s email address to be returned.
  1. Finally, click Next, then click Finish. This should automatically take you to the Sign On tab for your newly-created application.
  2. Scroll down to SAML Signing Certificates section and please provide the URL for the Active cert (IdP Metadata). Here are the following fields we need to know to finish the setup:
    1. Audience URI (SP Entity ID)
    2. IdP metadata URL
    3. Optional: Default RelayState (only if it is IDP-initiated)