Applies to: Okta

Summary

This article provides instructions for setting up Okta integration with Cloud Portal.

IMPORTANT: This process requires coordination between the Cloud Portal 
Administrator and the Okta IT Administrator.

Setting Up Okta

Cloud Portal Admin: Prepares the Files

To prepare files in Cloud Portal:

1. Log in to Cloud Portal. 
    
2. Navigate to Settings > Organization settings
   
   
    
3. Click the Identity providers tab.
   
   
    
4. In the Option section, select the radio button for either Auth (SSO) only or Auth & Provisioning.
   
   Refer to Okta: Overview and Policies to understand which option best fits your organization.
    
5. In the SAML configuration section, click Download to save the metadata file. 
   
   The metadata file contains the audienceURI and singleSingOnURL needed to set up SAML in Okta.
   
   
    
6. Send the file to the Okta IT Administrator.

Okta IT Admin: Creates the SAML Application

To create SAML application in Okta:

1. Log in to Okta and go to the Admin page.
    
2. In the navigate bar on the left, click Admin Console > Applications > Applications.
   
   
    
3. Click Create App Integration.
   
   
    
4. In the Sign-in method section, select the radio button for SAML 2.0, then click Next.
   
   
    
5. Enter App name and click Next.
   
   
    
6. Configure SAML Settings using metadata. 
   
   
   
   Single sign-on URL: Found in the SAML.txt file from the Cloud Portal admin
   Audience URI (SP Entity ID): Found in the SAML.txt file from the Cloud Portal admin
   Name ID format: EmailAddress
   Application username: Okta username
    
7. Click Finish.
    

8. Click the Sign On tab.
    

   
    

9. Select View IdP metadata from the Actions drop-down menu. 
   
   
   
   A new browser opens displaying the raw XML code.
   
   
    
10. Click anywhere on the page, select Save as (or press Ctrl + S), and save the file as an XML document.
     
11. Send XML file to the Cloud Portal Admin.

Cloud Portal Admin: Uploads Okta Metadata

Upload the XML file to the Okta integration page in Cloud Portal. Ensure the file is under 1MB.


 

Cloud Portal Admin: Applies and Verifies Integration

To apply and verify integration:

1. Ensure all uploaded and generated information appears correctly on the Cloud Portal screen.
    
2. Click Apply.

Additional Settings for Provisioning

Cloud Portal Admin: Generates SCIM Credentials

IMPORTANT: If you selected the Auth (SSO) only option, skip this section.

To generate SCIM credentials:

1. In the SCIM configuration section, click Download to download the SCIM.txt file.
   
   
    
2. Share these credentials securely with your IT Administrator.

Okta IT Admin: Enables Provisioning

To enable provisioning:

1. Click the General tab > Edit.
   
   
    
2. In the General > App Settings section, select the SCIM radio button and click Save.
   
   
    
3. Navigate to Provisioning > Integration and click Edit.
   
   
    
4. Enter your credentials. 
   
   
   
   SCIM connector base URL: The SCIM endpoint URL from the SCIM.txt
   Unique identifier field for user: userName
   Supported provisioning actions: Check the following options (Import New Users and Profile Updates, Push New Users, and Push Profile Updates)
   Authentication Mode: HTTP Header
   Authorization: The SCIM Token from the SCIM.txt
    
5. Click Test Connector Configuration to complete the test, then click Save.
    

6. In Provisioning > To App, click Enable for the following: Create Users, Update User Attributes, and Deactivate Users.
    

   
    

7. Click Save.

Cloud Portal Admin: Applies and Verifies Integration

To apply and verify integration:

1. Confirm all uploaded and generated information appears correctly on the Cloud Portal screen.
    
2. Click Apply. 
   
   Your Okta integration is now complete.