Log in to the SAML provider as an Admin
- Welcome to Adobe Acrobat Sign for Government
- First steps for new accounts
- Claiming an email domains
- Connecting Okta to a federated identity solution
- Manually create/edit users in Okta
- First steps for new accounts
- Configure Acrobat Sign
- Configuration Overview
- System requirements
- Branding
- User access to features
- User experience within the application
- Recipient experience when interacting with agreements
- Transaction security
- Compliance information
- Configuration Overview
- Administrator processes
- Admin guide overview
- Users
- Groups
- Templates
- Custom workflow designer
- GDPR deletion processes
- Sandbox
- User environment and processes
- Support resources
- Transaction limits
- Page layouts
- Configure your profile
- Send agreements
- Compose an agreement to send for signature
- Recipient signing order
- Written signatures
- Send an agreement to yourself only
- Send in Bulk
- Sending from a template on the Manage page
- Sign agreements
- Fill and Sign a document
- Self Signing
- Signing a document from an email link
- Sign a document from the Manage page
- Compose an agreement to send for signature
- Custom workflow designer
- Manage agreements
- Search for agreements
- View Agreements
- Activity history and Audit Report
- Add a note to an agreement
- Set a reminder
- Cancel a reminder
- Add an expiration date
- Modify/Delete an expiration date
- Modify the files of a sent agreement
- Replace the current recipient
- Upload a signed agreement
- Share an individual agreement
- Download an agreement
- Download the individual files of an agreement
- Download the audit report
- Download the signer identity report
- Download the field data from an agreement
- Cancel an agreement
- Hide an agreement from view
- Reporting
- Create a report with classic reporting
- Report charts and data exports
- Data Exports
- Report Charts
- API
Connecting Okta to a federated authentication system
Okta allows for other federated identity solutions to maintain the source of truth around their users and function purely as access control for shared applications.
Below are direct links to the Okta documentation for their primary directory integrations.
Okta also permits external identity providers to be configured.
Log in to the Okta admin console and navigate to Security > Identity Providers > Add Identity Provider to see a list of options:
Notice that a generic SAML 2.0 IdP option exists for any SAML 2.0 compliant identity provider that isn't listed.
Adding the Acrobat Sign Administrative Roles to your directory or IdP configuration
Managing your users via directory or IdP will prevent the option to edit the user profile in the Okta admin console directly.
This means you must customize your identity solution to update the Acrobat Sign admin roles.
Each solution will have differences, but below are a couple of suggestions for some of the more common solutions that may help in your configuration.
Contact your onboarding/professional services team if you need assistance with your particular solution.
LDAP and Active Directory admins can use membership in a group to map the admin roles:
- String.stringContains(appuser.group, "signAdmins")? {"Account Admin"} : {} can be used to map the account admins.
- String.stringContains(appuser.group, "privacyAdmins")? {"Privacy Admin"} : {} can be used to map the privacy admins.
Configure the SAML 2.0 provider:
All SAML providers will have different interfaces and processes, so the below idea should be understood conceptually and followed to the best of your ability. Contact the Adobe professional services team if you have any trouble or concerns.
We are using OneLogin in this example. Both the SAML provider and the Okta admin console have configuration steps.