Okta configuration
  1. Sign in to Okta as an administrator
  3. On the "Configure SAML" screen, enter the data collected from Sleuth
     1. Enter Sleuth's Assertion Consumer Service as "Single sign on URL"
     2. Enter Sleuth's **SAML Entity ID** as "Audience URI (SP Entity ID)"
     3. Set "Name ID format" to "EmailAddress"
  4. Set Attribute Statements
     1. **email** -> user.email
     2. **first_name** -> user.firstName
     3. **last_name** -> user.lastName
  5. Optional: if you want users to be logged out of the Okta application when they log out of Sleuth:
     1. Click "Show Advanced Settings"
     2. Next to "Enable Single Logout", select the checkbox "Allow application to initiate Single Logout"
     3. Enter the Single Logout Service URL from Sleuth
     4. Paste Sleuth's SAML Entity ID value into the "_SP Issuer_" field
     5. Click "_Browse_" next to "Signature Certificate" and upload the Sleuth x509 certificate
  6. Continue clicking through the Okta setup until finished
  7. Upon wizard completion, you need to set the Default Relay State in order to enable IdP-initiated login. Click _Edit_ and enter the default relay state. You can find the value to enter on the Sleuth SAML configuration page, under the **Sleuth Service Provider data** section: **Default Relay State**
  8. Now you are ready to import the Okta metadata into Sleuth. On the application's "Sign On" tab, right-click "Identity Provider metadata", select "Copy Link Address", and use this link as the _point Sleuth to metadata file URL_ value in the next step of setting up the SAML integration: Entering Identity Provider Metadata