Okta Identity Provider Setup
This document describes the steps to configure Okta as an Identity Provider to integrate with Cyderes. Cyderes will act as the SAML Service Provider or "SAML SP".
Adding a New Application
- Log in to the Okta organization admin console
- Click on the Applications link in the upper navigation bar
- Click on the Create New App button
- In the dialog that opens, select the SAML 2.0 option. Now click the Create button. If this option is not shown, ensure that the Classic Okta UI is being used (instead of the Developer Console).
- In General Settings enter an App name for the SAML application (Cyderes Inbound SAML). Under App Visibility select "Do not display application icon to users". Then click the green Next button.
- In SAML Settings paste the Single sign on URL and Audience URI (SP Entity ID). These two values will be provided by Cyderes during the SSO portion of on-boarding.
- In the Attribute Statements section, add three attribute statements:

  | Claim Name | Value |
  | --- | --- |
  | FirstName | user.firstName |
  | LastName | user.lastName |
  | | user.email |

- In the Feedback step, select "I'm an Okta customer adding an internal app" and "This is an internal app we have created". Click Finish.
- The Sign On section of the newly created Cyderes Inbound SAML application appears. Keep this page open in a separate tab or browser window, because this guide returns to it later. Copy the Identity Provider metadata link (right-click on the Identity Provider metadata link and select Copy).
- In a new tab or browser window, click on the Assign button and select Assign to People.
- A dialog titled Assign Cyderes Inbound SAML Application to People will appear. Type a username into the search box, then select the Assign button next to the username.
- Verify the user-specific attributes, then select Save and Go Back.
- Click Done to exit the assignment wizard.
Adding Bookmark App
- Click on Applications and Browse App Catalog
- Search the App Integration Catalog for "Bookmark App", then select Add Integration in the upper right
- In the General Settings enter an Application label for the Bookmark App (Cyderes Portal)
- For URL enter "https://my.cyderes.com"
- Select Done
- Under the Assignments tab, ensure you assign the same Users or Groups that were assigned to the Inbound SAML App created above
Send the Identity Provider metadata from step 9 (the Sign On section of the Cyderes Inbound SAML application) to Cyderes so that Cyderes can add the Okta instance as an IdP.