OKTA SSO configuration
On this page
OKTA provides cloud software that helps companies manage and secure user authentication into modern applications, and helps developers to build identity controls into applications, website web services, and devices. You can integrate Active Directory through OKTA.
Success of this setup depends on the parameter values that are customized for your organization. Use the Okta Administrator Dashboard to add an application and view the values that are specific to your needs.
The Okta/SolarWinds Service Desk SAML integration currently supports the following features:
- Service Provider (SP) -initiated SSO
- Identity Provder (IdPP) -initiated SSO
- JIT (Just In Time) Provisioning
For more information on the listed features, visit the Okta Glossary.
The instructions below cover all aspects of the configuration process.
- In SWSD go to Setup > Account > Single Sign-On > Okta.
For each of the SWSD fields below, sign into the Okta Admin Dashboard to generate the variable, and copy/paste it into the appropriate field in SWSD.
- Identity Provider URL
- Logout URL and Error URL
- SAML Issuer
- Identity Provider x.509 Certificate
If you wish to enable Just In Time Provisioning, select the box labeled Create users if they do not exist.
If you plan to disable the current login option (username & password), check the box labeled Redirect to the saml login page when logging into SolarWinds Service Desk by default.DO NOT mark the box above until SAML configuration is tested successfully. After the box is checked, you will no longer be able to login with your username/password.
In Okta, select the Sign On tab for the SolarWinds Service Desk app, scroll down to the ADVANCED SIGN-ON SETTINGS section, and then click Edit.
Enter the ACS URL value into the corresponding field.Make sure that you entered the correct value in the Subdomain field under the General application tab in Okta. Using the wrong value will prevent you from authenticating via SAML to SWSD.
If you have a custom SWSD URL, obtain your ACS URL value as follows:
[customSolarWindsServiceDeskURL]/saml/metadata. An XML file like the following will appear after the page loads:
Locate and make a copy of your ACS URL value from the Location attribute.
Log in with SP-initiated SSO
- Log in to the SWSD URL and navigate to SSO.
- Click Single Sign-On.