Configure Okta as SSO Provider

To use Okta as the SSO provider for Virtana Platform, you must configure specific settings as required by Virtana. You then copy the IdP SSO metadata URL from Okta and enter it in Virtana Platform to complete the configuration process.

About This Task

  • You will need to set up a SAML 2.0 application with your IdP.

  • After configuring Okta, you must copy the metadata URL, which is needed for Virtana Platform

Prerequisites

You must have administrator privileges in both Okta and Virtana Platform.

Steps

  1. Log into Okta as an administrator and navigate to Applications > Applications.

  2. Click Add Application.

  3. Click Create New App and select Web in the Platform dropdown.

  4. Choose SAML 2.0 and click Create.

  5. Enter an App name and upload a logo (if desired), and then click Next.

    Leave the App visibility options as the default.

  6. Enter the Single Sign On URL and leave Use this for Recipient URL and Destination URL checked.

    SSO URL: https://app.cloud.virtana.com/authentication/SSO/saml/acs

  7. Enter the Audience URI (SP Entity ID):

    URI: Virtana-Platform

    Leave Default RelayState and Name ID Format with the default settings.

  8. For Application username, select Email.

  9. Click Show Advanced Settings and under the Attribute Statements section do the following:

    Important

    Entries in the Name field must be exactly as indicated below. Names are case-sensitive. Ensure the spelling and capitalization are correct for the entries in the Name fields.

    1. For the first attribute statement enter the following:

      Name

      Name Format

      Value

      firstName

      Basic

      user.firstName

    2. Click Add Another and complete the second attribute statement:

      Name

      Name Format

      Value

      lastName

      Basic

      user.lastName

    3. Click Add Another and complete the third attribute statement:

      Name

      Name Format

      Value

      externalId

      Basic

      user.email

  10. Click Next and Finish.

    A page displays the Virtana Platform Settings on the Sign-On tab.

  11. In the Sign-on methods area, click Identity Provider Metadata under View Setup Instructions.

    vp-scrn-opt-sso-aws-settings.png
  12. Make a note of the IdP metadata URL that displays in the browser's URL field.

    You must enter this URL in the Virtana Platform SSO settings form.

    Tip

    This is not the same as the Identify Provider Single Sign-On URL that is displayed by clicking View Setup Instructions.

    vp-scrn-sso-metadata-url.png
  13. [Optional] Configure any other options, such as Password reveal or a Sign On Policy.

  14. Add users to the SSO application you just created.

This completes the Okta configuration. You can close Okta and log in to Virtana Platform to proceed with setup.

What's Next?

You must log in to Virtana Platform and configure SSO for the platform.