OKTA Configuration
Configuring OKTA
To configure OKTA:
1) Connect to your OKTA account.
2) Go to Admin Portal > Applications.
3) Click Add application.
4) Click Create New App.
5) Select Web platform and SAML2 sign on method.
6) Click Create.
7) Enter the General Settings as you want.
8) Click Next.
9) Enter Single Sign on URL with the following URL syntax:
http://<server name>/uas/authservices/acs
10) Enter Audience URI and Default Relay state with the following URL syntax:
https://<server name>/uas
11) In Attribute statements, do not forget to add an attribute named “sub”. Its value will be your UAS login, so you can choose the user login or the email.
12) Retrieve the SAML metadata and store it in the UAS folder or in a secured folder on your network that is accessible by HTTP.
Configure UAS with OKTA
To configure UAS with OKTA:
1) Go to HOPEX Administration.
2) Right-click HOPEX and select Options > Modify.
(Check that you are in Extended view)
3) Expand Installation > Authentication folders.
4) Select Identity Providers and in the right pane, select “Activation of the SAML2 identity provider”.
5) Expand Identity Providers and select SAML2.

In the “Contact email” field: enter the OKTA administrator email.

In the “Location of the metadata file” field: enter the UAS URL where you stored the metadata retrieved before.

In the “Identifier of the SAML2 identity provider” field: enter the URL in the following format:
http://www.okta.com/<youroktaid>

In the “Return URL” field: enter the Hopex URL in the following format:
https://<server name>/hopex

In the “Sign on URL” field: enter your Sign on URL:
https://<name of your organization>.okta.com/app/<appname>/<oktaid>/sso/saml

Set the certificate friendly name and password if necessary.
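
The identifier and Sign on URL entered above should match what the retrieved metadata file declares. The following check is an added example, not part of the original OKTA or HOPEX documentation: it reads the metadata and returns the values to enter in UAS plus any inconsistencies. The function name and the sample metadata (with placeholder IDs and certificate) are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {
    "md": "urn:oasis:names:tc:SAML:2.0:metadata",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"

# Constructed sample shaped like OKTA IdP metadata; every value is a placeholder.
SAMPLE_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="http://www.okta.com/exkEXAMPLEID">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data><ds:X509Certificate>PLACEHOLDERCERT</ds:X509Certificate></ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://example.okta.com/app/example_hopex_1/exkEXAMPLEID/sso/saml"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def uas_fields_from_metadata(xml_text):
    """Return the values for the UAS SAML2 options and a list of problems found."""
    # Only parse metadata downloaded from your own OKTA tenant (trusted input).
    root = ET.fromstring(xml_text)
    problems = []
    entity_id = root.get("entityID", "")
    if not entity_id.startswith("http://www.okta.com/"):
        problems.append("entityID is not in the http://www.okta.com/<youroktaid> format")
    sso = [e.get("Location", "") for e in root.iterfind(".//md:SingleSignOnService", NS)
           if e.get("Binding") == POST]
    sign_on_url = sso[0] if sso else ""
    if not sign_on_url.startswith("https://"):
        problems.append("no HTTPS Sign on URL with HTTP-POST binding")
    elif not sign_on_url.endswith("/sso/saml"):
        problems.append("Sign on URL does not end in /sso/saml")
    certs = [c.text.strip() for c in root.iterfind(
        ".//md:KeyDescriptor[@use='signing']//ds:X509Certificate", NS) if c.text]
    if not certs:
        problems.append("no signing certificate in metadata")
    return {"identifier": entity_id, "sign_on_url": sign_on_url,
            "signing_certs": len(certs), "problems": problems}


if __name__ == "__main__":
    print(uas_fields_from_metadata(SAMPLE_METADATA))
```

Run it against the stored metadata file before filling in the UAS options, and again whenever the OKTA signing certificate is rotated.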