Okta

Describes how to set up and configure an SSO integration for Okta.

Leave Feedback

Introduction

SSO integration configuration is done with both Okta and OpsRamp. The configuration sets up redirects to the custom branded URL.

Prerequisite

  • Partners must register with OpsRamp to receive OpsRamp login credentials.
  • Provide your custom branding URL (such as <yourwebsitename>.opsramp.com).

Okta configuration

To configure SSO integration:

  1. From the Okta console, select Applications from the top menu.
  2. Click +Add Application.
  3. Provide the following settings and click Create.
    • Platform: Web
    • Sign on method: SAML 2.0
  4. From the Create SAML Integration screen, perform the following steps:
    1. From the General Settings tab, provide the following settings and click Next.
      • App name: OpsRamp (Example)
      • App logo: Upload OpsRamp logo
    2. From the Configure SAML Integration tab, provide the following settings:
      • Single sign on URL: https://<yourwebsitename>.opsramp.com/samlResponse.do
      • Audience URI (SP Entity ID): https://<yourwebsitename>.opsramp.com
    3. Click Download Okta Certificate. The certificate gets downloaded onto your system.
    4. (Optional) To configure JIT user provisioning, select Show Advanced Settings > Attribute Statements and configure.
  5. From the Applications menu, select the OpsRamp app and review the settings on the Sign On tab.
  6. Select View Setup Instructions and configure the following:
    • Okta instructions Issuer URL
    • Redirection URL
    • Logout URL
    • Certificate
Single Sign-On Settings

Single Sign-On Settings

OpsRamp configuration

To configure SSO integration:

  1. From All Clients, select a client.
  2. Go to Setup > Integrations > Integrations.
  3. From Available Integrations, select SSO > Okta and click Install.
  4. Provide the following:
    • Issuer URL: Identity provider Issuer URL
    • Redirection URL: SAML EndPoints for HTTP
    • Logout URL: URL for logging out
    • Certificate: x.509 Certificate
  5. (Optional) Provide user provisioning settings to enable JIT.se
  6. Click Install.

Okta verification

To verify SSO integration:

  1. From the Okta console, go to the OpsRamp Application.
  2. Click Sign On, and then click View Setup Instructions.
  3. Verify the following settings:
    • Issuer URL: Identity Provider Issuer URL
    • Redirection URL: Identity Provider SSO URL
    • Logout URL: URL for logging out
    • Certificate: x.509 Certificate