PrivaceraCloud Documentation

Okta Setup for SAML-SSO
:

Okta is a third-party identity provider, offering single sign-on (SSO) authentication and identity validation services for a large number of Software-as-a-Service providers. PrivaceraCloud works with Okta's SAML (Security Assertion Markup Language) interface to provide an SSO/Okta login authentication to the PrivaceraCloud portal. For more information, see SAML - Activate SSO.

Integration with Okta begins with configuration steps in the Okta administrator console. These steps also generate a PrivaceraCloud account-specific identity_provider_metadata.xml file and an Identity Provider URL that are used in the PrivaceraCloud Okta/SSO configuration steps.

Note

To use Okta SSO with PrivaceraCloud, you must have already established an Okta SSO service account. The following procedures require Okta SSO administrative login credentials.

Generate an Okta Identity Provider Metadata File and URL
  1. Log in to your Okta account as the Okta SSO account administrator.

  2. Select Applications from the left navigation panel, then click Applications subcategory.

  3. From the Applications page, click Create App Integration.

    Note

    In addition to creating new applications you can also edit existing apps with new configuration values.

  4. Select SAML 2.0, then click Next.

  5. In General Settings, provide a short descriptive app name in the App name text box. For example, enter Privacera Portal SAML for SAML-SSO. Or, SaaS SAML RelayState for an IDP initiated SSO with RelayState.

  6. Click Next.

  7. In the SAML Settings configuration page, enter the values as shown in the following table:

    Field

    Value

    Single sign on URL

    https://yourhostname.com/SingleSignOnService/receiveResponse

    Audience URI (SP Entity ID)

    privacera_portal

    Default RelayState

    If you choose to enlist this feature it will be your 14-digit PrivaceraCloud Account ID number

    Name ID format

    Unspecified

    Application username

    Okta username

    UserID

    user.login

    Email

    user.email

    Firstname

    user.firstName

    LastName

    user.LastName

    The Default RelayState value identifies a specific application resource in an IDP initiated SSO scenario. In most cases this field will be left blank.

  8. Click Next.

  9. Select the Feedback tab and click I'm an Okta customer adding an internal app.

  10. Click Finish.

  11. From the General tab, scroll down to the App Embed Link section. Copy the Embed Link (Identity Provider URL) for PrivaceraCloud.

IDP initiated SSO
  1. From Applications, login to the Okta Home Page Dashboard as a user by selecting the Okta Dashboard icon.

  2. Login toPrivaceraCloud by selecting the newly added app icon.