Minimum Software Version8.18.10
Solution(s)Cases International Cases US Institutions Counsel

As part of the 8.11 release, customers using Single Sign On (SSO) may need to update their Identity Provider (IdP) configuration to ensure uninterrupted access to Opus 2. This article outlines how to update the Redirect URI (Reply URL) and related identifiers for commonly used IdPs.


Changes introduced in version 8.11 require updated SSO values to be configured within your Identity Provider. If these updates are not applied, users may experience login failures when authenticating via SSO.

This article provides guidance for updating the required values for the most common IdPs, including ADFS, Microsoft Entra ID (formerly Azure AD), OKTA, and DUO. If your IdP is not listed, Opus 2 Platform Support can assist with the required configuration updates.

ADFS

Use the following steps to update the Redirect URI and Relying Party Trust Identifier in ADFS:

  1. Browse to the Opus 2 Application in ADFS Management.
  2. Navigate to the Identifiers tab.
  3. Add the new Relying Party Trust Identifier provided by Opus 2.
  4. If required, update the Redirect URI using the value provided by Opus 2 within the same configuration wizard.

Example:
Add the newly supplied Opus 2 Identifier to ensure SAML assertions are correctly issued after the 8.11 update.

For additional guidance, refer to Microsoft’s ADFS documentation.

Microsoft Entra ID (Formerly Azure AD)

Use the following steps to update the Identifier and Reply URL:

  1. Browse to the Opus 2 Application in the Microsoft Entra administration panel.
  2. Select Edit in the Basic SAML Configuration section of the Set up single sign-on panel.
  3. Update the Identifier using the value provided by Opus 2.
  4. Update the Reply URL using the new Reply URL provided by Opus 2.

Example:
Replace the existing Reply URL with the newly supplied Opus 2 value to restore SSO access post‑upgrade.

For more details, refer to Microsoft’s guidance on updating SAML configuration values.

OKTA

Use the following steps to update the Single Sign-On URL and Audience URI in OKTA:

  1. Browse to the Opus 2 Application in the OKTA Administration Panel.
  2. Note that OKTA allows only one URL per application, so both values must be updated ahead of the change.
  3. Update the Single sign-on URL with the value provided by Opus 2.
  4. Update the Audience URI with the value provided by Opus 2.

Example:
Ensure both URLs are updated simultaneously to prevent authentication failures during the transition.

For additional instructions, refer to OKTA’s application configuration documentation.

DUO

Use the following steps to update Assertion Consumer Service and Entity ID in DUO:

  1. Log in to the DUO Admin Panel as an administrator.
  2. Navigate to Applications and select Opus 2.
  3. In the Service Providersection, update:
    • Assertion Consumer Service (as provided by Opus 2)
    • Entity ID (as provided by Opus 2)
  4. Save the changes.

Example:
Updating the Assertion Consumer Service ensures DUO continues to deliver authentication responses to the correct Opus 2 endpoint.

For further information, refer to DUO’s documentation.


Review and update your Identity Provider configuration as soon as possible after upgrading to Opus 2 version 8.11 to ensure uninterrupted Single Sign On access. If your IdP is not listed or you require assistance, contact Opus 2 Platform Support for guidance.