LogoLogo
  • What is configure8?
  • Quickstart
  • Fundamentals
    • Creating an account
    • Dashboard
      • Custom Dashboards
      • Left Menu Items
    • Inviting your team
    • Collaborative Cost Management
    • Data Flexibility
      • Data Flexibility calculated properties
      • Customizing Table Columns
        • Icons
      • Data Flexibility Samples Library
        • Add Line of Business Hierarchy - Aggregations and Dashboards
        • Add Deploys data to services
        • Add Incidents data to Services and Deploys
        • Add Service Data - Cost Center
        • Add a API Documentation Schema and Swagger UI plugin
    • Self-Service Actions
      • Input Types
        • Text
        • Number
        • Email
        • URL
        • Datepicker
        • Checkbox
        • Dropdown
        • Item Selector
      • Dynamic inputs
      • Dynamic fields
        • User dynamic fields
        • Catalog dynamic fields
          • Applications
          • Services
          • Resources
        • Using Secrets
      • Sample User Inputs Forms
      • Sample Self-Serve Actions Library
        • GitHub Actions - Create GitHub repository
        • GitHub Actions - Create and setup service in configure8 via public API
        • Azure DevOps pipeline - Create resource in Azure Cloud with Terraform
    • Services
      • Service Metadata
    • Environments
    • Resources
      • Resources AWS Security Hub Findings
      • Resource Auto Mapping
    • Applications
    • Repositories
    • Scorecards
      • Scorecard Basics
      • Scorecard Checks
        • Custom Data Check
      • Scorecard Metric Levels
      • Service Macros
      • Message Service Owners
      • Sample Operational Readiness Scorecard
    • Integrations
      • Plug-ins
        • AWS
        • AWS Security Hub
        • Azure
        • Azure DevOps
        • Bitbucket
        • CircleCI
        • Datadog
        • Embed View (iframe)
        • GCP
        • GitHub
        • Gitlab
        • Jenkins
        • Jira
        • Kubernetes agent
        • New Relic
        • Opsgenie
        • PagerDuty
        • Splunk On-Call
        • SonarCloud
        • Markdown Plugin
        • Custom Widget
          • Charts Widget
        • Wiz
      • Other tools
        • Terraform
        • Pulumi
        • Crossplane
        • Ansible
        • Puppet
        • Chef
        • AWS CloudFormation
        • OpenTofu
        • API For Everything Else
    • People
      • Users
      • Teams
        • Team Metadata
    • Role-Based Access Control
    • Settings
      • Credentials
        • Discovery Logs
      • Identity Management
        • Single Sign On (SSO)
          • Okta
          • Microsoft Entra ID (Azure AD)
        • Users and groups provisioning (SCIM)
          • Okta integration
          • Microsoft Entra ID (Azure AD)
      • Organization
      • API Key Management
      • Secrets
      • Catalog import and maintenance
    • Security
    • Visualizations
  • Reference
    • API Documentation
      • Catalog Entity
        • Common Endpoints
        • Relation Endpoints
        • Batch Endpoints
        • Application
        • Base (Custom Schemas)
        • Environment
        • Library and Manifest
        • Repository
        • Resource
        • Service
        • Team
        • Vulnerability
      • Costs
      • Credentials
      • Module Settings
      • Public API Query Builder
      • Scorecards
      • Templates
      • Users
      • Schemas
      • Self-Service Actions
    • API Examples
    • Self-Hosting configure8
      • Configure AWS access for the discovery job using service account (AWS EKS)
      • Configure AWS access using IAM role for EC2
      • Configure AWS access using access keys for IAM users
      • Configure AWS access using GCP ServiceAccount (GKE)
  • Extras
    • Release Notes
    • K8s agent Release Notes
    • Self-Hosting configure8 Release Notes
Powered by GitBook

Copyright © 2023 configure8, Inc. All rights reserved.

On this page
  • Create application in Okta
  • Set up SSO in configure8
  • Set up user attributes
  1. Fundamentals
  2. Settings
  3. Identity Management
  4. Single Sign On (SSO)

Okta

Step by step guide on how to configure Okta SSO

PreviousSingle Sign On (SSO)NextMicrosoft Entra ID (Azure AD)

Last updated 11 months ago

Summary - Integrating with Okta SSO

  1. Create application in Okta

  2. Set up SSO in configure8

  3. Set up user attributes

Create application in Okta

As an admin, go to Applications -> Create App Integration and create a new SAML 2.0 integration:

In the step2 Configure SAML, add:

  1. Get your "Organization ID" value from configure8 application in: Settings -> Organization -> Organization ID. Should be a hash string for instance: "7c4b66c9-22db-r2d2-8cea-126e781a5d42" .

    • Set the Single sign-on URL as "https://app.configure8.io/api/v1/auth/saml/7c4b66c9-22db-r2d2-8cea-126e781a5d42/callback", replacing with your Org ID.

  2. Audience URI as "https://app.configure8.io".

  3. Name ID format to EmailAddress.

  4. Application username to Email.

  5. Next.

Okta will ask for feedback in the step 3, but this is not relevant.

After you setup your configure8 application in Okta, you should see the following information in Sign-On tab:

Set up SSO in configure8

The information that is needed for Single Sign-on Setup can be found in More Details section:

Copy Sign on URL and Signing Certificate then go to configure8 SSO menu (Settings->Identity Management->SSO->Setup SSO) and paste it on the Login URL and Signing Certificate:

After saving, you will be provided with a Sign-on URL for your users to login:

Next, generate the XML metadata for Okta configuration. You will need the following data from generated XML:

Edit you Application SAML configuration in Okta and double check the information provide before matches. Location as Single sign-on URL, entityID as Audience URI (SP Entity ID) and EmailAddress as Name ID format mapping.

Set up user attributes

In order to assign users correct email, you should ensure that one of the following requirements is fulfilled:

First option - User Name to email

Your Okta users' Username are set to their emails like this:

Second option - other attributes

Your Attribute Statements mapping has email mapping to user.email:

This is how Okta will pass the correct value as user email.

Important: FirstName and LastName have to be specified for correct mapping.

After configuring SAML, you can save changes in your Okta application and start using SSO.