We have a workflow management system(asp.net web) which is based on the Form authentication (Username and password in DB). Now there is a request from our client to integrate SSO using Okta IAM and they do not wish to maintain separate username and password for accessing the workflow management system. The application remains to be hosted in our environment (service provider) and authentication to be done from the consumer end (client AD). To enable the organizational authentication, what are the questions (like LDAP address or ADFS STS) with our client and what changes to be made in the web application? It would be good if someone can guide and share the samples