Documentation forSolarWinds Service Desk

OKTA Configuration Instructions

OKTA provides cloud software that helps companies manage and secure user authentication into modern applications, and for developers to build identity controls into applications, website web services and devices.

Success of this setup is contingent on the parameter values that are customized for your organization. Please use the Okta Administrator Dashboard to add an application and view the values that are specific to your needs.

Supported Features

The Okta/SolarWinds Service Desk SAML integration currently supports the following features:

  • SP-initiated SSO
  • IdP-initiated SSO
  • JIT (Just In Time) Provisioning

For more information on the listed features, visit the Okta Glossary.

The instructions below cover all aspects of the configuration process:

Step 1 - Configuration

  1. Log in to your SolarWinds Service Desk tenant as an administrator.
  2. Hover over the icon and navigate to Account and click Single-Sign On.
  3. Mark the check box labeled: Enable Single Sign-On with SAML.
  4. Enter the following:

    • Identity Provider URL: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • Logout URL and Error URL: Copy and paste the following into both fields:

      Sign into the Okta Admin Dashboard to generate this variable.

    • SAML Issuer: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • Identity Provider x.509 Certificate: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

  5. Mark the check box if you wish to enable Just In Time (JIT) Provisioning: Create users if they do not exist.
  6. Mark the check box if you are going to disable the regular (username/password) login option: Redirect to the saml login page when logging into SolarWinds Service Desk by default.

DO NOT mark this box till SAML configuration is tested successfully. You will no longer be able to login with your username/password.

  1. Click Update.
  2. Optional: If you are using a custom SolarWinds Service Desk URL, using Domain Mapping configured in our SWSD the URL will be https://[mapped domain]/saml_login/[account name].

    In Okta, select the Sign On tab for the SolarWinds Service Desk app, scroll down to the ADVANCED SIGN-ON SETTINGS section, click Edit.

  3. Enter the ACS URL value (see Custom SolarWinds Service Desk URLs) into the corresponding field.

  4. Click Save.

You are done!

We have included some additional notes below to help you start strong.

Standard SolarWinds Service Desk URLs

Make sure that you entered the correct value in the Subdomain field under the General application tab in Okta. Using the wrong value will prevent you from authenticating via SAML to SolarWinds Service Desk.

Custom SolarWinds Service Desk URLs

If you have a custom SolarWinds Service Desk URL, obtain your ACS URL value as follows:

  1. Go to [customSolarWindsServiceDeskURL]/saml/metadata. An XML file like the following will appear once the page loads:

  1. Locate and make a copy of your ACS URL value from the Location attribute.

SP-initiated SSO

  1. Log in to the SWSD URL and navigate to SSO.
  2. Click Single Sign-On