Okta Configuration

Overview

This document outlines the procedure for configuring Okta for Uptycs SAML integration.

Procedure

Prerequisite(s)

Admin access to Okta

Enabling and Adding a New Application in Okta for Uptycs

The following procedure outlines the steps, with sample screenshots, to create a new application for Okta authentication.

Log in to Okta as an admin user

Set up the app integration on the Okta website

  • Click on Create App Integration and select SAML 2.0 from the given options

In General Settings, give an appropriate app name and logo (optional)

  • Click on the Next button

In the Configure SAML tab

  • Set the Single Sign On URL to https://<domain>.uptycs.io/saml/callback or https://<domain>.uptycsonboard.com/saml/callback, where domain is set by the customer

  • Set the Audience URI (or SP Entity ID) to uptycs-{domain}

  • Name ID format is a field sent in the assertion that specifies the format of the NameID value.

How to add a custom user attribute for the app

  • Click on the Profile Editor in the Directory.

  • Click on Edit Profile on the application created

  • Click on the Add Attribute button

Example: (Adding an attribute “ln” for Role Mapping)

  • Set the attribute’s Data type to 'string' and both the Display name and Variable name to “ln”

  • Click on Save

Add the new attribute to the user

  • Click on Edit in SAML Settings

  • In the Configure SAML tab, click on the Add Another button






















Give the name as “ln” and the value as “appuser.ln” (the custom attribute added to the user attributes above)

*** This step is optional. If you want auto-creation of users from the Okta side, then use role mapping. If you want this only on the Uptycs side, then disregard this step.
Firstname, Lastname and email are required, but ln is only used for auto-creation of users on the Okta side.

Go to the People tab in the Directory section



Click on any user in the list who was added to the Uptycs app

Click on Edit in the Profile tab

Set the attributes

  • Set the attributes firstName, lastName, MiddleName, pn (phone number), which are required for profileIdentifier

  • If you need to add more attributes, go to the Profile Editor in the Directory tab

  • Set the Display Name, Variable Name and Data Type (NOTE: The Variable Name must match the names in the settings column of the customers table)

  • In the Feedback tab, select the option for an Okta customer adding an internal app and click on Finish

Sending data back to Uptycs


Once this configuration is done on your end, please send the IdP metadata back to us as an XML file.
To get it, open the application you created, go to the Sign On tab, and scroll down until you see this.

Then select "View SAML setup instructions". On the new tab, you will see the IdP metadata.
Save that string as an XML file and send it to us so we can configure access on our side.




