SAML & SCIM CONFIGURATION GUIDE FOR OKTA


V4, Clue Computing Company Ltd – Clue Restricted

CONTENTS

- Features
- Prerequisites
- Install the Clue App
- Configure SAML
- Configure SCIM
- Troubleshooting Tips

This guide explains how to configure and install the Clue app in Okta. Clue enables you to use SAML as your method of authentication, and SCIM as your method of provisioning users.

FEATURES

The following features are supported by Clue via integration with Okta:

- Single Sign-On using the SAML protocol
- Push New Users: New users created through Okta will also be provisioned in Clue.
- Push Profile Updates: Updates made to the user's profile through Okta will be pushed to Clue, updating the user’s attributes.
- Push User Deactivation: Deactivating the user or disabling the user's access to the application through Okta will deactivate the user in Clue.
- Reactivate Users: Reactivating a user in Okta will reactivate the user in Clue.

PREREQUISITES

This guide assumes the following. Ensure you have this set up before you start configuring Okta to work with Clue:

- An Okta account with admin privileges
- (If applicable) Integrate your existing Active Directory with Okta using the Okta AD agent. For more information see the Okta architecture/
- To automatically provision users you will need a SCIM provisioning subscription. Contact your Okta representative to ensure your organisation has the appropriate subscription.

INSTALL THE CLUE APP

The first step to enabling access to Clue via Okta is to install the Clue app within your Okta account.

1. Log in to Okta
2. Go to the Applications tab and click “Add Application”
3. Search for the “Clue” app
4. Click “Add” in the search results to add the app.
5. In the “General Settings” enter the following information:
   1. Enter your main Clue URL into the Base URL field, e.g. https://demo.clue.co.uk
   2. Application Visibility - configure if this app is made visible to users within Okta
6. Click “Save”


CONFIGURE SAML

1. In the Okta admin portal, go to the “Sign On” tab and select “View Setup Instructions” under the “SAML 2.0” section.
2. Obtain the SAML SSL Certificate from Okta. Send the certificate to your Clue representative, who will be able to install the certificate into your Clue instance to enable SSO. Provide the following information, which is obtained from Okta, to your Clue representative:
   1. okta.cert - the SSL certificate
   2. Identity Provider Single Sign-On URL
   3. Identity Provider Issuer URL


CONFIGURE SCIM

Contact your Clue representative to enable provisioning through Okta. Your Clue contact will provide you with the Clue authentication token required to enable the integration.

To configure your provisioning settings for Clue in Okta:

1. Check the Enable provisioning features box
2. Enter the Base URL, provided by the Clue team
3. API Authentication - A token will also be provided by the Clue team and should be input into the API Key field.
4. Select “To App” and configure the provisioning actions you wish to synchronise from Okta to Clue.
5. Under the Clue Attributes Mappings header, configure the Clue Attributes to be mapped from Okta.


TROUBLESHOOTING TIPS

Initial activation of Okta provisioning requires contacting your Clue representative or support@clue.co.uk, who will be happy to answer any questions during your configuration process.

During the activation process, an approved list of valid Affiliates is defined. If a user in Okta receives an invalid Affiliate value, this will produce an error and the user becomes inactive (locked). To unlock the user, set a valid Affiliate value and re-provision the user.
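
Because an invalid Affiliate value locks the user, it is worth checking values against the approved list before assigning users to the Clue app. The script below is an added example, not part of the Clue guide or Clue's own code; the `affiliate` attribute name, the exact-match comparison and all sample data are assumptions.

```python
# Added example: pre-flight check of Affiliate values before SCIM provisioning.
# Assumptions (not from the guide): the Okta profile attribute is named
# "affiliate", Clue compares values exactly, and all sample data is constructed.

def check_affiliates(users, approved):
    """Classify users by whether their Affiliate value would be accepted.

    Returns a dict with three lists:
      ok        - logins whose value is on the approved list
      near_miss - (login, value, suggestion) where only case/whitespace differs
      invalid   - (login, value) for missing or unknown values
    """
    approved = set(approved)
    # Map a normalised form back to the approved spelling for suggestions.
    by_norm = {" ".join(a.split()).casefold(): a for a in approved}
    report = {"ok": [], "near_miss": [], "invalid": []}
    for user in users:
        login = user["login"]
        value = user.get("affiliate")
        if isinstance(value, str) and value in approved:
            report["ok"].append(login)
            continue
        norm = " ".join(value.split()).casefold() if isinstance(value, str) else None
        if norm in by_norm:
            report["near_miss"].append((login, value, by_norm[norm]))
        else:
            report["invalid"].append((login, value))
    return report


# Constructed sample data: the approved list agreed during activation and
# user profiles as they might be exported from Okta.
APPROVED = ["North Division", "South Division", "HQ"]
USERS = [
    {"login": "a.khan@example.com", "affiliate": "North Division"},
    {"login": "b.ortiz@example.com", "affiliate": "south division "},
    {"login": "c.lee@example.com", "affiliate": "West Division"},
    {"login": "d.moyo@example.com"},
]

if __name__ == "__main__":
    result = check_affiliates(USERS, APPROVED)
    for login, value, suggestion in result["near_miss"]:
        print(f"{login}: {value!r} should probably be {suggestion!r}")
    for login, value in result["invalid"]:
        print(f"{login}: {value!r} is not an approved Affiliate")
```

Users reported as near_miss or invalid should have their Affiliate corrected in Okta before they are assigned to the app.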
