Links

Okta SAML 2.0 SSO Integration

Setting up Okta for AIR (Available from AIR 4.1)
  1. 1.
    Sign in to the Okta Admin Dashboard.
  2. 2.
    Click the “Applications” button in the left menu.
  3. 3.
    Click Create App Integration.
    Create App Integration.
  1. 4.
    Select SAML 2.0 as a sign-in method and click the “Next“ button
Select SAML 2.0.
  1. 5.
    Name your application, and upload a logo (logo is optional), and click the “Next” button
  1. 6.
    Enter your domain name followed by this callback at the end of the path: /api/auth/sso/okta/callback. For example: <https://<your-domain-name>>/api/auth/sso/okta/callback
Create SAML integration
  1. 7.
    Fill in the Attribute Statements section as follows:
Attribute Statements.
All fields are case-sensitive. Make sure all of them are filled correctly.
  1. 8.
    On the next page, click the first option, and then click the “Finish” button.
    Select the customer option and 'Finish'.
  2. 9.
    Go to the “Profile Editor” page under the “Directory“ section and click the name of the latest created app.
    Select the name of the latest created app.
  1. 10.
    In the “Attributes” section, click the “Add Attribute” button.
Select the “Add Attribute” button.
  1. 11.
    Select “string array“ as the data type.
  2. 12.
    Enter a name and description for the attribute.
  3. 13.
    Enter “roleTags“ as the variable name.
  4. 14.
    Click the “Define enumerated list of values“ checkbox.
  5. 15.
    Click the “Attribute required“ checkbox.
    Select “Attribute required“ checkbox.
  6. 16.
    Give a display name of your new role and enter the corresponding “Tag” of the role that you want to map within the Binalyze AIR Console into the “Value” field. For example, the “global_admin”, which is the tag of the Global Admin role in Binalyze AIR Console, is used for the “Value” section.
    Then click save.
    Name and Save the Role/Tag
  7. 17.
    Navigate back to the “Applications“ page. Click the name of the app. Then go to the “Assignments” tab.
  8. 18.
    Click the “Assign to People” button under the “Assign“ dropdown.
    “Assign to People” button under the “Assign“ dropdown.
  9. 19.
    Click the “Assign” button that you want to assign to.
Select the “Assign” button required
  1. 20.
    Leave the user name field as is and select the roles of the user. And click the “Save and Go Back“ button.
Select the “Save and Go Back“ button.
  1. 21.
    Go to the “Sign On” tab and click “More Details“
Go to “Sign On” tab and select “More Details“
  1. 22.
    Sign in to the Binalyze AIR Console.
  2. 23.
    Navigate to the “Settings” page, then click the “Security” section.
  3. 24.
    Enable Okta by clicking the switch button.
    Enable Okta
  4. 25.
    Fill in the required fields according to the Sign on tab in the Okta
Entry Point: Okta Sign on Url
Issuer: Okta Issuer
Cert: Okta Signing Certificate
  1. 26.
    Click Save settings
  2. 27.
    The “Sign in with OKTA” button should appear on the Binalyze AIR Console login page. Once you click this button, you will navigate to the Okta login page to authenticate your access. Once you are authenticated, you will be redirected back to the AIR console.
The AIR console Sign In page