The Adobe Admin Console allows a system administrator to configure domains which are used for login via Federated ID for Single Sign-On (SSO). Once the domain is verified, the directory containing the domain is configured to allow users to log in to Creative Cloud. Users can log in using email addresses within that domain via an Identity Provider (IdP). The process is provisioned either as a software service which runs within the company network and is accessible from the Internet or a cloud service hosted by a third party that allows for the verification of user login details via secure communication using the SAML protocol.
One such IdP is Okta, a cloud service which facilitates secure identity management.
To configure single sign-on for your domain, do the following:
- Sign in to the Admin Console and start with creating a Federated ID directory, selecting Other SAML Providers as the identity provider. Copy the values for ACS URL and Entity ID from the Add SAML Profile screen.
- Configure Okta specifying the ACS URL and Entity ID, and download the Okta metadata file.
- Return to the Adobe Admin Console and upload the Okta metadata file in the Add SAML Profile window and click Done.
Ensure that you have an Okta dashboard configured and accessible with administrative rights for the domain in question. To set up SSO with Okta, do the following:
To update the latest certificate to the Adobe Admin Console, return to the Adobe Admin Console. Upload the certificate downloaded from Okta, to the Add SAML profile screen and click Done.
If you need assistance with your Okta single sign-on configuration, navigate to Adobe Admin Console > Support to contact us.