How to enroll Access Appliance primary server as a service provider to Okta

Description

To enroll Access Appliance primary server as a service provider to Okta

1. Sign in to the Okta Administrator console with administrator privileges.
2. Under the Applications menu, click Applications.
3. Click Create App Integration to start the Application Integration Wizard.
    
4. Select SAML 2.0 as the Sign on method, and click Next.
    
5. Enter a name for the application. Click Next.
    
6. Enter the Single sign on URL and Audience URI (SP Entity ID).
   SSO URL for Access Appliance: https://<consoleip>:14161/api/appliance/v1.0/authentication/sso/login/callback?redirectURL=/login
   Audience URI (SP Entity ID) :  https://<consoleip>:14161/login
7. Under Attribute Statements (OPTIONAL), add the name and value of the Active Directory attributes that you want to provide to the Okta application.
   Define SAML attributes (Value field) that map to the userPrincipalName and the memberOf attributes in the AD or LDAP directory (Name field).
    
8. Click on Next and the Application gets created. Click on View SAML setup instructions.
    
9. Copy the application metadata and save it in a file with an .xml extension. For example: okta-metadata.xml
10. Enter the xml metadata under the Provide the following IDP metadata your SP provider field.
11. Go to Access Appliance UI. Go to Setting > Security Setting > Single Sign-on. Enter the basic details and upload the xml file. Provide an IDP name. Click Save.

Related Knowledge Base Articles

How to enroll Access Appliance primary server as a service provider to ADFS

How to enroll Access Appliance primary server as a service provider in Azure active directory Identity provider

How to enroll Access Appliance primary server as a service provider to PingFederate