Okta Identity Provider (SAML)

 

To set Okta as your Perimeter 81 Identity Provider, follow these step-by-step instructions.
Note: To integrate Okta and Perimeter 81 successfully, you must have admin access in both platforms.

Configure your Okta account

1. Log in to your Okta account.

2. On the general Okta dashboard, select Dashboard. This takes you to the Okta Admin Dashboard.

3. Using the list of shortcuts at the right-hand side of the screen, select Add Applications.

4. On the Add Application page, select Create New App.

5. On the Create a New Application Integration pop-up window, select Web as the Platform for your application and choose SAML 2.0 as the sign-on method. Select Create to proceed.

6. You will now create your SAML integration. On the General Settings page, provide the following:

  • App name: Perimeter 81
  • App Logo: (Optional)
  • App visibility: select whether you want your users to see your application icon and in what settings.

7. Select Next to proceed.

8. Next, you will see the SAML Settings page. Enter the following values into the appropriate fields:

Single sign on URL: https://auth.perimeter81.com/login/callback?connection={{WORKSPACE}}-oc
For example https://auth.perimeter81.com/login/callback?connection=myworkspacename-oc

Audience URI (SP Entity ID): urn:auth0:perimeter81:{{WORKSPACE}}-oc

For example, the workspace myworkspacename.perimeter81.com translates to
urn:auth0:perimeter81:myworkspacename-oc

9. You will also need to add the following three Attribute Statements:

  • Name: email
  • Name format (optional): Unspecified
  • Value: ${user.email}

  • Name: given_name
  • Name format (optional): Unspecified
  • Value: ${user.firstName}

  • Name: family_name
  • Name format (optional): Unspecified
  • Value: ${user.lastName}

Now add the Group Attribute statement:

  • Name: groups
  • Name format (optional): Unspecified
  • Filter type: Matches regex
  • Value: .*

10. You can select Preview the SAML assertion to generate an XML file that you can use to verify that the settings you provided are correct.

11. Select Next to proceed.

12. Finally, answer Are you a customer or partner? by selecting I'm an Okta customer adding an internal app. Select Finish (answering the questions on this page is not mandatory).

You'll be directed to the Sign-On page for your newly-created app.

13. Select Assignment then Assign to create either groups or individual assignments from your Identity Provider to the application (this will determine who can access Perimeter 81).

14. Select Sign On and then View Setup Instructions to complete the process.

15. Take note of the Identity Provider Single Sign-On URL, and make a copy of the X.509 certificate.
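
The preview from step 10 can be checked mechanically against the values from steps 8 and 9. The script below is an added example, not Perimeter 81 or Okta code: the function names and both sample assertions are constructed, and it assumes the preview is saved as SAML 2.0 assertion XML in which the single sign-on URL appears as the Recipient of SubjectConfirmationData.

```python
import xml.etree.ElementTree as ET

A = "{urn:oasis:names:tc:SAML:2.0:assertion}"  # SAML 2.0 assertion namespace
REQUIRED = ("email", "given_name", "family_name", "groups")  # names from step 9

def check_preview(xml_text, workspace):
    """Compare a saved assertion preview with the values this page prescribes."""
    acs = f"https://auth.perimeter81.com/login/callback?connection={workspace}-oc"
    aud = f"urn:auth0:perimeter81:{workspace}-oc"
    root = ET.fromstring(xml_text)  # admin-generated local file, not untrusted input
    problems = []
    audiences = [e.text.strip() for e in root.iter(A + "Audience") if e.text]
    if audiences != [aud]:
        problems.append(f"Audience {audiences} != {aud}")
    recipients = [e.get("Recipient") for e in root.iter(A + "SubjectConfirmationData")]
    if recipients != [acs]:
        problems.append(f"Recipient {recipients} != {acs}")
    values = {}
    for attr in root.iter(A + "Attribute"):
        vals = [v.text.strip() for v in attr.iter(A + "AttributeValue") if v.text and v.text.strip()]
        values.setdefault(attr.get("Name"), []).extend(vals)
    for name in REQUIRED:
        if not values.get(name):
            problems.append(f"attribute '{name}' missing or empty")
    return problems

# Constructed samples shaped like a SAML 2.0 assertion; not real Okta output.
def _attr(name, *vals):
    body = "".join(f"<s:AttributeValue>{v}</s:AttributeValue>" for v in vals)
    return f'<s:Attribute Name="{name}">{body}</s:Attribute>'

def sample(workspace, attrs):
    return (
        '<s:Assertion xmlns:s="urn:oasis:names:tc:SAML:2.0:assertion" Version="2.0">'
        '<s:Subject><s:SubjectConfirmation><s:SubjectConfirmationData Recipient='
        f'"https://auth.perimeter81.com/login/callback?connection={workspace}-oc"/>'
        '</s:SubjectConfirmation></s:Subject><s:Conditions><s:AudienceRestriction>'
        f'<s:Audience>urn:auth0:perimeter81:{workspace}-oc</s:Audience>'
        '</s:AudienceRestriction></s:Conditions>'
        f'<s:AttributeStatement>{attrs}</s:AttributeStatement></s:Assertion>'
    )

GOOD = sample("myworkspacename", _attr("email", "user@example.com") + _attr("given_name", "Ada")
              + _attr("family_name", "Lovelace") + _attr("groups", "Everyone", "VPN-Users"))
# Typical slips: wrong workspace name, camelCase attribute name, no groups statement.
BAD = sample("myworkspace", _attr("email", "user@example.com") + _attr("firstName", "Ada")
             + _attr("family_name", "Lovelace"))

if __name__ == "__main__":
    print(check_preview(GOOD, "myworkspacename"))
    print(check_preview(BAD, "myworkspacename"))
```

An empty list means the preview matches the single sign-on URL, audience URI and attribute names given above; each string in a non-empty list names one field to correct in the Okta app settings.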

 

Configure Perimeter 81

You need to configure the integration from the Perimeter 81 side.

1. Log in to your Perimeter 81 management dashboard, and navigate to Settings and then Identity Providers.

2. Select + Add Provider.

3. Select Okta Identity Cloud.

4. Fill in the Sign In URL and Signing Certificate fields.

5. Add your organization domain.

6. Paste the certificate from Okta (BEGIN and END lines included).

7. Select Done.

Access Error troubleshooting

If your users get an access error after the configuration, please check these steps.
