Versions Compared

Old Version 8

changes.mady.by.user August Heltne

Saved on

compared with

New Version 9

changes.mady.by.user Mari Fuglem

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info

2024.04.22 Notice that the Kantga SSO app referred to in Configure Okta is not yet available. The app will be available as soon as the documentation is approved by Okta.

1. Display name

Choose a name for your identity provider. This is the user-facing name, so choose a name your users will recognize. This can be changed later.

...

3. Prepare IDP

Copy and save the Callback Reply URL for later. You will need this when configuring Okta.

...

Configure Okta

Status
colourPurple
titleExternal

Info

If you are using SCIM with your provider, make sure to check out the documentation for configuring this before proceeding. It might be that you need to configure this first or at the same time as setting up SAML.

...

Go to Applications → Applications in the menu and choose Create Browse App IntegrationCatalog.

...

Choose SAML 2.0 as Sign-in method and click Next.

...

Under General Settings enter a suitable App name and click Next.

...

Paste the Callback URL you kept from the KSSO setup wizard in the Single sign on URL and the Audience URI fields.

Then add the following attributes to the Attribute Statements list:

  • givenName with format Unspecified and value user.firstName

  • surname with format Unspecified and value user.lastName

  • email with format Unspecified and value user.email

...

Click Next.

Fill out appropriate background info for the Okta support team and click Finish.

...

On the next page, locate and click the View SAML setup instructions button. Its located in the bottom right part of the page.

...

This opens a page with SAML setup information.

Copy all the XML content from the IDP metadata text field, located under the Optional heading at the bottom of the page. You will need this content afterwards in the KSSO setup wizard.

Note that all content of the IDP metadata text field may not be visible without expanding the text field size.

...

You will lastly on the Okta side go to Sarch for Kantega and then select Kantega SSO.

...

Then click the Add integration button.

...

Enter an appropriate Application label in General Settings.

Click Next.

...

Choose SAML 2.0 as Sign on method.

image-20240422-140829.pngImage Added

Copy and keep the Metadata URL from the Metadata detailssection. You will need this later when you continue Identity Provider setup in KSSO.

...

Go to the Advanced Sign-on Settings section.

Paste the Reply URL you copied from Kantega SSO Identity provider setup (step Prepare IDP) into the SAML ACS URL field (in Okta).

Click Save

...

Go to the Assignment tab and assign the users and groups that should be allowed to log into this app using SAML.

...

Go back to the Kantega SSO setup wizard.

4. Metadata

Choose Paste metadata Metadata XML. file published online (URL)

Paste the XML content metadata URL you kept from the Okta app integration setup into the associated text field.

...

5. Redirect URL

No need to do anything. The Redirect URL is automatically fetched from the metadata you imported in the previous step.

...

Check that everything looks good and submit your setup (smile)

...

Test

Test that the log in with Okta works as expected. This will help identify if there are any issues with the configuration. Follow the steps to perform the login test.

...

image-20240422-150010.pngImage Added