Client browsers must be configured for IWA
Okta Active Directory Agent is configured and working
At least one Active Directory server is configured for Okta IWA
A8 Admin Console
Define your vanity URL e.g. mitchmurray (fictional customer) by editing your Org name.
Download the SP Encryption Certificate SP_cert.crt to your computer.
Do not hit save, leave page open.
Okta - Allow IFrame Embedding
Login to your Okta Portal as an admin
Click Settings > Customization
Scroll to the bottom of the page, click Edit > Allow IFrame embedding > Save
Okta - Add a New Application
In Okta click Admin > Applications > Add Application
Click Create New App > Create
Name your app e.g. a8 Silo, click Next
Copy the SP Post Back URL (not Silo Access Portal URL) from AC and paste it into the Okta Single Sign on URL box
Copy the SP Identity ID from AC and paste it into the Okta Audience URL box
In DefaultRelayState entry box, enter: 2 (if using SAML SSO via the Silo Web Client, then enter a value of "4" for this field)
Set the name ID and Application username format. EmailAddress is recommended.
Click Advanced Settings, change Assertion Encryption to Encrypted. Upload the SP_cert.crt Encryption Certificate you downloaded from your AC, click Upload Certificate
Choose "I'm an Okta customer adding an internal app"
Click View Setup Instructions
Copy the Identity Provider Single Sign-on URL from Okta to AC IdP Login URL:
Copy the Identity Provider Issuer URL from Okta to AC IdP Issuer:
Download the X.509 Certificate from Okta and upload it to AC
*Note: Authentic8 makes no warranty on third-party software. We assume no responsibility for errors or omissions in the third-party software or documentation available. Using such software is done entirely at your own discretion and risk.
Please contact Support if you have any additional questions and/or require further information.