OKTA Configuration
Configuring OKTA
To configure OKTA:
1) Connect to your OKTA account.
2) Go to Admin Portal > Applications.
3) Click Add application.
4) Click Create New App.
5) Select Web platform and SAML2 sign on method.
6) Click Create.
7) Enter the General Settings as you want.
8) Click Next.
9) Enter Single Sign on URL with the following URL syntax:
http://<server name>/UAS/AuthServices/Acs
10) Enter Audience URI and Default Relay state with the following URL syntax:
https://<server name>/UAS
11) In Attribute statements, add an attribute named “sub”. Its value will be your UAS login, so you can choose either the user login or the email.
12) Retrieve the SAML metadata and store it in the UAS folder or in a secured folder on your network that is accessible by HTTP.
Configuring UAS with OKTA
To configure UAS with OKTA:
1) Go to HOPEX Administration.
2) Right-click HOPEX and select Options (Extended view) > Modify.
3) Expand Installation > Authentication folders.
4) Select Identity Providers and in the right pane, select “Activation of the SAML2 identity provider”.
5) Expand Identity Providers and select SAML2.

In the Contact email field: enter the OKTA administrator email.

In the Location of the metadata file field: enter the UAS URL where you stored the metadata retrieved earlier.

In the Identifier of the SAML2 identity provider field: enter the URL in the following format:
http://www.okta.com/<youroktaid>

In the Return URL field: enter the Hopex URL in the following format:
https://<server name>/hopex

In the Sign on URL field: enter your Sign on URL:
https://<name of your organization>.okta.com/app/<appname>/<oktaid>/sso/saml

Set the certificate friendly name and password if necessary.
| OKTA | HOPEX Options |
|---|---|
| Identity Provider Issuer | Identifier of the SAML2 identity provider |
| Identity Provider Single Sign-On URL | URL for connection to the SAML2 identity provider |
| Identity Provider metadata | Url of the metadata file |
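
The OKTA to HOPEX Options mapping above can be checked against the metadata file retrieved from OKTA before the values are typed into HOPEX Administration. The following is an added example, not part of the HOPEX or OKTA documentation: the function names and the sample metadata (organization `example`, id `exk0000EXAMPLE`, certificate `PLACEHOLDER`) are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample of an IdP metadata file; every value is a placeholder.
SAMPLE_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="http://www.okta.com/exk0000EXAMPLE">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
      <ds:X509Data><ds:X509Certificate>PLACEHOLDER</ds:X509Certificate></ds:X509Data>
    </ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://example.okta.com/app/hopex/exk0000EXAMPLE/sso/saml"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def hopex_values(metadata_xml):
    """Extract the values that map to the HOPEX SAML2 options."""
    # Metadata never needs a DTD; refusing one avoids entity-expansion tricks.
    if "<!DOCTYPE" in metadata_xml or "<!ENTITY" in metadata_xml:
        raise ValueError("metadata must not contain a DTD")
    root = ET.fromstring(metadata_xml)
    idp = root.find("md:IDPSSODescriptor", NS)
    if root.tag != "{%s}EntityDescriptor" % NS["md"] or idp is None:
        raise ValueError("not a SAML2 identity provider metadata file")
    certs = idp.findall("md:KeyDescriptor/ds:KeyInfo/ds:X509Data/ds:X509Certificate", NS)
    return {
        # Identity Provider Issuer -> Identifier of the SAML2 identity provider
        "identifier": root.get("entityID"),
        # Identity Provider Single Sign-On URL -> Sign on URL
        "sign_on_urls": [s.get("Location") for s in idp.findall("md:SingleSignOnService", NS)],
        "has_cert": any((c.text or "").strip() for c in certs),
    }


def check_against_hopex(metadata_xml, identifier, sign_on_url):
    """Return a list of mismatches between the metadata and the HOPEX values."""
    found = hopex_values(metadata_xml)
    problems = []
    if found["identifier"] != identifier:
        problems.append("Identifier of the SAML2 identity provider differs from entityID")
    if sign_on_url not in found["sign_on_urls"]:
        problems.append("Sign on URL is not a SingleSignOnService Location in the metadata")
    if not sign_on_url.lower().startswith("https://"):
        problems.append("Sign on URL is not HTTPS")
    if not found["has_cert"]:
        problems.append("metadata carries no X509 certificate")
    return problems
```

An empty list from `check_against_hopex` means the identifier and Sign on URL entered in HOPEX match what the metadata file declares.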