Create and configure the application on Okta's side
Select "Application" > "Create App Integration" > "SAML 2.0":
In a second tab, open the Moss website with an admin account and go to "Settings" > "SAML SSO".
Copy the following values:
SP ACS URL (Moss) to Single sign-on URL (Okta)
SP entity ID (Moss) to Audience URI (SP Entity ID) (Okta)
Name ID format (Okta) = EmailAddress
Application username (Okta) = Email
Set the attribute mapping as described below:
"emailaddress" -> user.email
  Needed to match the user to a Moss account
"givenname" -> user.firstName
"surname" -> user.lastName
  Needed for card creation
(optional) "mobilephone" -> user.phoneNumber (if present)
  Used for the 3DS feature
Feedback screen:
Assign users
In Okta, assign the users or groups that should be able to use Moss.
Setup on the Moss side
Open the newly created application in Okta.
Copy the data from there to Moss, then enable SSO.