Skip to main content
Interania

Add Okta authentication to your Interana instance

0votes
5updates
235views

Why use an authentication provider?

Some Interana users like to use an authentication provider instead of the standard Interana password authentication flow. The benefits of using an auth provider include exercising more control over which users in your organization can register for Interana and providing a single sign-on method for Interana and other applications you use.

Before you start...

Make sure you've spoken with your customer success manager to determine which authentication provider best fits your needs. Your CSM will also give you two pieces of information that you will need before you start: the Sign-On URL and the AppID

Okta Configuration

Now you're ready to set up your Okta authentication application!

1. Open the Okta Admin Portal

2. On the right side, click Add Applications

Add Applications

3. Click Create New App

Create New App

4. Choose "SAML 2.0" and click Create

Choose SAML 2.0

5. In the General Settings section, name your application and optionally add a logo. Click Next. 

Name the application

6. You will be prompted to fill out the SAML settings for your application. Please leave everything as the default except the following fields:

a. Single sign on URL: enter the Sign-On URL from your CSM. Make sure to select "Use this for Recipient URL and Destination URL."

b. Audience URI: enter the AppID from your CSM.  

c. Name ID format: select EmailAddress

7. Click Next to finish editing the SAML setttings. You may be prompted to take a short survey; at the end, click Finish. This should return you to the main screen. 

8. Click Applications

Click Applications

9. Find the application you just created, then open it

10. Click Sign On

Click Sign On

11. Under "SAML 2.0," click on the "Identity Provider metadata" link to download the metadata.

Click "Identity Provider metadata" to download the metadata

12. Please send this metadata to your CSM or to help@interana.com. You can send us either the metadata file or a link to the hosted file. 

13. Assign users to your application

What's Next

Don't forget to send us your Federation Metadata Document! Once we have that, we can get everything hooked up on our side. We will work with you to plan a time to switch over to the new authentication flow and have someone on your team validate that everything is working properly.

  • Was this article helpful?