Fixed Okta SAML integration docs #426

Merged
merged 3 commits into from Aug 11, 2022
Expand Up @@ -50,7 +50,7 @@ Once this has been configured, if users try to log in to the DMA using external

## Creating a DataMiner metadata file

To create a DataMiner metadata file, proceed as follows:
To create a DataMiner metadata file (also referred to as *Service Provider Metadata*), proceed as follows:

1. Copy the following template into a new XML file named e.g. *spMetadata.xml*:
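
Review bot: The new parenthetical in the intro sentence introduces "Service Provider Metadata" but never gives the abbreviation, while the Okta section of this same PR labels a field "Audience URI (SP Entity ID)". Consider writing "*Service Provider (SP) Metadata*" here so a reader can connect the entity ID in this file (named e.g. *spMetadata.xml*) to that Okta field.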

Expand Down Expand Up @@ -290,7 +290,7 @@ DataMiner supports Okta as identity provider as from version 10.1.11. Use Okta's
> [!TIP]
> It is recommended to use a PNG image with a transparent background and a landscape orientation.

1. Configure the SAML settings:
1. Configure the Okta SAML settings:

- **Single sign on URL**: The location where the SAML assertion is sent with a POST operation.

Expand All @@ -308,9 +308,9 @@ DataMiner supports Okta as identity provider as from version 10.1.11. Use Okta's
- ``https://dataminer.example.com/jobs/``
- ``https://dataminer.example.com/ticketing/``

- **Audience URI**: The intended audience of the SAML assertion.
- **Audience URI (SP Entity ID)**: The intended audience of the SAML assertion.

In this box, enter ``https://dataminer.example.com/root/``.
In this box, enter ``https://dataminer.example.com/``.

- **Name ID format**: The username format you are sending in the SAML Response.
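
Review bot: The Audience URI item now carries the label "SP Entity ID" and the value changes from ``https://dataminer.example.com/root/`` to ``https://dataminer.example.com/``, but the text still does not say where this value comes from. A SAML audience restriction is checked against the service provider's entity ID, so I would add a sentence stating that the value entered here must be identical to the entity ID in the DataMiner metadata file created earlier, trailing slash included. As written, a reader whose metadata file uses a different entity ID will copy the example value and end up with a mismatch.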

Expand All @@ -319,6 +319,16 @@ DataMiner supports Okta as identity provider as from version 10.1.11. Use Okta's
- **Application username**: The default value to use for the username with the application.

Select "Email".

- **Attribute Statements**: Add a new attribute statement with name *Email* (case-sensitive), format *Basic*, and value *user.email*.

1. Open the *Sign On* tab of your Okta application and scroll down to *SAML Signing Certificates*.

1. In the *Actions* column of the *Active* certificate, click *View IdP metadata*.

1. Save this IdP metadata XML file to the DataMiner Agent, e.g. `C:\Skyline DataMiner\okta-ip-metadata.xml`.

1. Open the *DataMiner.xml* file and fill in the path to the IdP metadata file in the *ipMetadata* attribute of the *<ExternalAuthentication>* node.

## Error messages
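
Review bot: The added steps that export the IdP metadata from the *Active* entry under *SAML Signing Certificates* and save it to `C:\Skyline DataMiner\okta-ip-metadata.xml` make that file a static copy of the signing certificate DataMiner will trust, and nothing says what to do when the active certificate in Okta changes. Suggest a short note that the file has to be exported again and replaced whenever the active signing certificate is changed. Two smaller points on the same steps: in the last step, *<ExternalAuthentication>* puts raw angle brackets inside emphasis, which many Markdown renderers treat as an HTML tag and drop, so inline code formatting would be safer; and the example file name uses "ip" while the prose says "IdP metadata", which is worth aligning or explaining alongside the *ipMetadata* attribute name.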
