Set up a test okta

Navigate to http://developer.okta.com/
Click on Sign Up
Fill in your own name and email address to register, or login if you already have
Okta will send you a confirmation email, including your temporary password and a link to your new developer Okta instance
Navigate to the link in the email, and input your email address and the temporary password provided to you
Fill in the form presented to complete your registration, and click on Create My Account
You should now have an empty Okta instance with no apps, and only one user.
Click on < > Developer in the top-left corner and switch to the Classic UI.

Click on Admin, then Add Applications
Click on Create New App
Click Create New App, select your platform (web, native, or SPA) and choose SAML 2.0
Give your app a name and click Next
Fill in Single sign on URL with https://localhost:8443/saml/SSO
Fill in Audience URI with https://localhost:8443/saml/metadata
Your config should look like this
The rest of the fields can be left as they began, click Next
Select I'm an Okta customer adding an internal app
Check This is an internal app that we have created
Click Finish
Setup the metadata via url
1. Copy and paste the Identity Provider metadata url into the application.yml under security.saml2.metadata-url
OR setup the metadata via xml
1. Click View Setup Instructions
2. Copy the xml IDP Metadata from the Optional section into a file in your project: src/main/resources/saml/metadata.xml
3. Set metadataFilePath in SecurityConfiguration to the xml file (i.e. metadataFilePath("saml/metadata.xml")

One time application setup

Generate a keystore and key in src/main/resources/saml with password secret:

keytool -genkey -v -keystore keystore.jks -alias spring -keyalg RSA -keysize 2048 -validity 10000