Okta SSO Configuration

Okta is a SaaS-based single sign-on (SSO) provider that acts as a centralized authentication platform for different applications. When configured with Okta, the Incorta Direct Data Platform sends an authentication request to Okta when a user tries to sign in. If Okta authenticates the user, it sends a SAML response containing the user’s identity (user ID), and the Incorta Direct Data Platform in turn grants the user access.

Configure Okta to Use Incorta

Create an application in Okta for each Incorta tenant:

  • Log in to the Okta Administration Console
  • On the Applications tab, select Add Applications.
  • Create a new application and register Incorta.
  • Generate a property file.
  • Edit the property file to ensure the following:
    • The single sign-on URL and other URL fields are your Incorta URL followed by /!tenant_name/. You must end the URL with the forward slash (/). For example: http://<cloud_cluster_name>.incorta.com/incorta/!tenant2/
    • The loginName attribute matches the loginName used in your directory sync.
    • Set Name ID Format to EmailAddress.
  • Select Sign-in, then Identity Provider metadata to download the configuration file.

Edit the Okta Configuration File

Make the following changes to the configuration file:

  • Wrap the <md> tag with the tags: <configuration>, <applications>, and <application>.
  • Add <default>OKTA_APP_URL</default> directly under the tag <configuration>, where OKTA_APP_URL is the same as entityID.
  • Open the CMC and log in.
  • Select Clusters > cluster_name > Tenants > tenant_name.
  • Select Configure.
  • Select panel, choose Security.
  • Copy and paste the file content in the Provider configuration property.
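
The two file edits above can be scripted before the result is pasted into the CMC. The following Python code is an added example, not Incorta's or Okta's own tooling. It assumes the root element of the downloaded file is md:EntityDescriptor and that the three wrapper tags nest in the order listed, and it uses a constructed sample in place of real metadata.

```python
import re
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"

# Constructed sample standing in for the metadata file downloaded from Okta.
SAMPLE_METADATA = """<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
                     entityID="http://www.okta.com/exkCONSTRUCTED">
  <md:IDPSSODescriptor
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleSignOnService
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://example.okta.com/app/constructed/sso/saml"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>
"""


def wrap_metadata(metadata_xml: str) -> str:
    """Return the Provider configuration text built from Okta IdP metadata."""
    # The XML declaration may only open a document, so drop it before the
    # metadata is nested inside the wrapper elements.
    body = re.sub(r"^\s*<\?xml[^>]*\?>\s*", "", metadata_xml.lstrip("\ufeff"))
    root = ET.fromstring(body)
    if root.tag != f"{{{MD_NS}}}EntityDescriptor":
        raise ValueError(f"unexpected root element: {root.tag}")
    entity_id = root.get("entityID")
    if not entity_id:
        raise ValueError("metadata has no entityID attribute")
    # Wrap the original text unchanged instead of re-serializing it, so
    # prefixes and certificate data stay exactly as Okta issued them.
    wrapped = (
        "<configuration>\n"
        f"  <default>{escape(entity_id)}</default>\n"
        "  <applications>\n"
        "    <application>\n"
        f"{body.strip()}\n"
        "    </application>\n"
        "  </applications>\n"
        "</configuration>\n"
    )
    ET.fromstring(wrapped)  # fail here rather than in the CMC if malformed
    return wrapped


if __name__ == "__main__":
    print(wrap_metadata(SAMPLE_METADATA))
```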

Create a user in Okta

Use the following steps to create a user in Okta:

  • Open the Okta admin page.
  • From the Directory tab, choose People.
  • Select Add Person.
  • Add the user information.
  • Select Send user activation email now, and then select Add Person to send the user an activation email and set their password.

Assign an application to a user

Use the following steps to assign an application to a user:

  • Open the Okta admin page.
  • From the Applications tab, select Applications.
  • Select the applications to assign to the user from the Applications table.
  • Select Assign Application.
  • Select a user.
  • Select Next and confirm.

Creating an Incorta Direct Data Platform User in Okta

  • Create a user in Incorta with the same username as the email address used to create the account in Okta.
    Note: If the user’s email is not the same, Incorta will not recognize the user and thus will not grant access to that user.

  • Restart Incorta services.