Okta
In this document, you are going to set up Okta as an external IdP to IDmelon.
Initialize IDmelon Configuration as SP
Log in to the IDmelon panel, navigate to the Authentication section, and click Integrate with a New Identity Provider:
Then select Okta as the identity provider:
You will need the values provided in the newly opened window to set up Okta as an external IDP:
Configuring Okta as external IDP
In order to set up the connection, you will need to log into your Okta administration panel.
To log in to the Okta administration panel, click the Admin button in the top right corner of the Okta user panel page.
Add Service Provider
In the Okta administration panel, from the side menu, navigate to the Applications menu.
Then from the Applications menu, select the Applications sub-menu.
Then click on Create App Integration to have a custom configuration.
Now select SAML 2.0 and click Next.
On the first page of the configuration, select a name for your Application. Optionally, you can upload an image as an Icon and add a description.
On the following page, you should fill in the following fields:
- Single sign-on URL: with the value IDmelon provided in the panel.
- Audience URL (SP Entity ID): should be filled with the link you have in the IDmelon panel.
- Name ID Format: should be EmailAddress
- Application username: should be Email
Finally, scroll down and click on Next. On the final page, click on Finish to create the configuration.
Finalizing IDmelon Configuration as SP
After creating the configuration, navigate to the Applications menu and the Applications sub-menu once more and select your app.
Click on the Sign On sub-menu.
You need the following fields for IDmelon, so scroll down and click on More Detail to see them.
Copy Sign on URL, Sign out URL, and Issuer to the IDmelon panel, and download the Signing Certificate and upload it to IDmelon. Then click on confirm.
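Before confirming, the copied values can be cross-checked against the app's SAML 2.0 IdP metadata. The following Python code is an added example, not part of the IDmelon or Okta documentation; it assumes you have saved that metadata as XML, and the tenant URL, app ID, certificate bytes and function names are constructed or hypothetical.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample data: hypothetical tenant and app ID; the "certificate"
# is placeholder bytes, not a real X.509 certificate.
FAKE_B64 = base64.b64encode(b"constructed placeholder certificate").decode()
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="{NS['md']}"
    xmlns:ds="{NS['ds']}" entityID="http://www.okta.com/exkEXAMPLE">
 <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
   <ds:X509Certificate>{FAKE_B64}</ds:X509Certificate>
  </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
  <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
      Location="https://example.okta.com/app/example/exkEXAMPLE/sso/saml"/>
 </md:IDPSSODescriptor></md:EntityDescriptor>"""
SAMPLE_PEM = f"-----BEGIN CERTIFICATE-----\n{FAKE_B64}\n-----END CERTIFICATE-----\n"

def fingerprint(b64_body):
    """SHA-256 over the DER bytes of a base64-encoded certificate body."""
    return hashlib.sha256(base64.b64decode(b64_body)).hexdigest()

def pem_fingerprint(pem):
    body = "".join(l for l in pem.splitlines() if not l.startswith("-----"))
    return fingerprint(body)

def parse_idp_metadata(xml_text):
    root = ET.fromstring(xml_text)
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("not SAML IdP metadata")
    certs = [c.text for kd in idp.findall("md:KeyDescriptor", NS)
             if kd.get("use") in (None, "signing")
             for c in kd.iter(f"{{{NS['ds']}}}X509Certificate")]
    return {"issuer": root.get("entityID"),
            "sso_urls": [s.get("Location") for s in idp.findall("md:SingleSignOnService", NS)],
            "cert_fingerprints": [fingerprint(c) for c in certs]}

def check_panel_values(meta, sign_on_url, issuer, cert_pem):
    """Return mismatches between the IdP metadata and the values entered."""
    checks = [
        (sign_on_url.startswith("https://"), "Sign on URL is not HTTPS"),
        (sign_on_url in meta["sso_urls"], "Sign on URL not in IdP metadata"),
        (issuer == meta["issuer"], "Issuer does not match entityID"),
        (pem_fingerprint(cert_pem) in meta["cert_fingerprints"], "Signing certificate mismatch"),
    ]
    return [msg for ok, msg in checks if not ok]
```

An empty list from `check_panel_values` means the Sign on URL, Issuer and Signing Certificate entered in the panel agree with the metadata; any message names the field to re-copy.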
Assigning Users and Groups
Now click on the Assignments sub-menu and, from the People or Groups section, click the Assign button and assign the users or groups that are able to log in to IDmelon.
Now both applications are connected. You can assign a group of users or all users of Okta to log in to IDmelon.