BMC Helix Single Sign On - How to configure Okta SAML authentication - INCLUDES VIDEO
Knowledge Article
This information is intended for a basic integration with the third party SAML IDP provided by Okta.
BMC Helix Single Sign On
BMC Helix Single Sign On
All versions
How do I configure Helix SSO with Okta SAML authentication?
Configuring RSSO for SAML Okta authentication. NOTE: For more information about Okta SAML authentication, refer to the Okta documentation.
1. Configure the RSSO SP settings. Set the SP Entity ID and the External URL. For advanced functions see: Configuring SAML 2.0 authentication
2. Sign up for an Okta account and create an RSSO application.
   a. Create an account here: https://developer.okta.com/
   b. Log in and, when the dashboard opens, select ‘Applications’
   c. Click ‘Create App Integration’
   d. Select SAML
   e. Click Next
   f. Set the app name, upload a logo if you want to, and click Next.
   g. Fill in the information for your RSSO server:
      Single sign-on URL: http(s)://rsso.FQDN:<Port>/rsso/receiver
      Use this for Recipient URL and Destination URL: Check this option
      Audience URI (SP Entity ID): http(s)://rsso.FQDN:<Port>/rsso/*
      NameID Format: Transient
      Application username: Okta Username
   h. Click Next
   i. Select ‘I’m a software vendor’ and click Finish
3. Copy the IDP metadata URL for later.
4. Assign your user name to the application and click ‘Save and Go Back’, then Done.
5. Edit the user just created and added to the application, and change the User Name to a user given in the application integrated with RSSO. This user also needs to exist in the end application. In this example RSSO can be used to sign in to AR Server (via the MidTier) and password can be changed user Demo. This user name is an app user name; the user name used to log in to Okta (normally an email address) will not change. Click Save when done.
6. Log into the RSSO admin console. Go to Realm > Edit Realm > Authentication > Select SAML
7. Click Import and enter the IDP URL.
8. Set the User ID Attribute value to ‘Okta Username’ and save.
9. Close the browser, or open a new/private browser, and access the MidTier URL http(s)://midTierServerFQDN:<Port>/arsys
10. Enter the Okta account user name and password; the login to ARS via the MidTier will be successful.
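A pre-flight check for the values entered in steps 2g and 7, as an added example that is not BMC or Okta code: it parses IdP metadata and compares it with the Single sign-on URL and Audience URI before the realm is saved. The function name, the example.test hosts and the sample metadata are constructed for illustration, and the rule that the Audience URI shares the host of the Single sign-on URL is an assumption drawn from the values shown in step 2g.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata"}
TRANSIENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"

# Constructed sample metadata (not real Okta output); host and certificate are placeholders.
SAMPLE_IDP_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.example.test/EXAMPLE">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>PLACEHOLDER</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://idp.example.test/app/rsso/sso/saml"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def check_saml_settings(metadata_xml, sso_url, audience_uri):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    if "<!DOCTYPE" in metadata_xml or "<!ENTITY" in metadata_xml:
        return ["metadata contains a DTD; refusing to parse"]
    root = ET.fromstring(metadata_xml)
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        return ["no IDPSSODescriptor in metadata"]
    keys = idp.findall("md:KeyDescriptor", NS)
    if not any(k.get("use") in (None, "signing") for k in keys):
        findings.append("IdP metadata has no signing certificate")
    for svc in idp.findall("md:SingleSignOnService", NS):
        if urlsplit(svc.get("Location", "")).scheme != "https":
            findings.append("IdP SSO endpoint is not HTTPS: " + svc.get("Location", ""))
    formats = [f.text.strip() for f in idp.findall("md:NameIDFormat", NS) if f.text]
    if formats and TRANSIENT not in formats:
        findings.append("IdP does not advertise the Transient NameID format")
    sso, aud = urlsplit(sso_url), urlsplit(audience_uri)
    if sso.scheme != "https":
        findings.append("Single sign-on URL is not HTTPS; assertions would travel unencrypted")
    if not sso.path.endswith("/rsso/receiver"):
        findings.append("Single sign-on URL does not end in /rsso/receiver")
    if (sso.scheme, sso.netloc) != (aud.scheme, aud.netloc):  # assumption, see lead-in
        findings.append("Audience URI host differs from the Single sign-on URL host")
    return findings
```

An empty list means the values are consistent; any finding is worth resolving before users are pointed at the MidTier URL in step 9.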