How to Set Up OKTA
After you receive an initial OKTA login and reset the password via the received email link, navigate to the following URL: https://dev-499266-admin.oktapreview.com.
- Log in with your newly activated account and click the Admin button (right side of the interface).
- Click on Developer Console (drop-down) in the upper left-hand corner and select Classic UI.
- Select Applications.
- Click the Add Application button.
- Click the Create New App button.
- In the Platform drop-down menu, select Web.
- Select SAML 2.0 as the sign-on method.
- Click the Create button.
- Type in the App Name, then click the Next button.
- To avoid confusion and duplicate entries, use a name of the form DRTrack YourName (ex: DRTrack CharlesC).
- At the end of your domain name in the SSO URL box, add /AssertionConsumer.aspx (ex: http://chuckiec.appianlogistics.com/AssertionConsumer.aspx).
- The Use this for Recipient URL and Destination URL box should remain checked.
- The Allow this app to request other SSO URLs box should be unchecked.
- Audience URI (SP Entity ID) should be the domain name only (ex: http://charlesc.appianlogistics.com).
- Default RelayState should be blank.
- Name ID format should be Unspecified (select from the drop-down menu).
- The Application Username should be Okta username (select from the drop-down menu).
- Click on Show Advanced Settings.
- Select Signed from the Response drop-down menu.
- Select Signed from the Assertion Signature drop-down.
- Select RSA-SHA256 from the Signature Algorithm drop-down.
- Select SHA256 from the Digest Algorithm drop-down.
- Select Unencrypted from the Assertion Encryption drop-down.
- Ensure the Enable Single Logout box is checked.
- Single Logout URL should be set to the domain name with /SLOService.aspx added at the end (ex: http://chuckiec.appianlogistics.com/SLOService.aspx).
- SP Issuer should be set to the domain name (ex: http://chuckiec.appianlogistics.com).
- Use the Browse button for Signature Certificate to find and upload the sp.cer file.
- The file can be found in the Certificates folder of the DRTrack solution.
- Once the file has been located and selected, click the Upload Certificate button.
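To confirm that the settings above took effect, the base64-decoded SAML Response that Okta posts to /AssertionConsumer.aspx can be compared against them. The Python below is an added example, not part of DRTrack or Okta: the function names, the placeholder domain and the sample response are constructed for illustration, and it checks structure only (signature values are not verified).

```python
import xml.etree.ElementTree as ET

NS = {"p": "urn:oasis:names:tc:SAML:2.0:protocol",
      "a": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"
UNSPECIFIED = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
SCD = "a:Subject/a:SubjectConfirmation/a:SubjectConfirmationData"
AUD = "a:Conditions/a:AudienceRestriction/a:Audience"
SI = "ds:Signature/ds:SignedInfo/"  # signature that is a direct child

def _get(node, path, attr=None):
    """Attribute (or text when attr is None) of the element at path, else None."""
    el = node.find(path, NS) if node is not None else None
    return None if el is None else (el.get(attr) if attr else el.text)

def check_response(xml_text, domain):
    """List where a decoded SAML Response differs from the settings above.
    Structural check only: signature values are not verified here."""
    acs = domain + "/AssertionConsumer.aspx"
    resp = ET.fromstring(xml_text)
    asr = resp.find("a:Assertion", NS)  # None when encrypted or missing
    checks = [(asr is not None, True, "no unencrypted Assertion"),
              (resp.get("Destination"), acs, "Destination is not the SSO URL"),
              (_get(asr, SCD, "Recipient"), acs, "Recipient is not the SSO URL"),
              (_get(asr, AUD), domain, "Audience is not the SP Entity ID"),
              (_get(asr, "a:Subject/a:NameID", "Format"), UNSPECIFIED,
               "NameID format is not Unspecified")]
    for label, node in (("Response", resp), ("Assertion", asr)):
        checks.append((_get(node, SI + "ds:SignatureMethod", "Algorithm"),
                       RSA_SHA256, label + " is not signed with RSA-SHA256"))
        checks.append((_get(node, SI + "ds:Reference/ds:DigestMethod", "Algorithm"),
                       SHA256, label + " digest is not SHA256"))
    return [msg for got, want, msg in checks if got != want]

def sample(domain, sig_alg=RSA_SHA256):
    """Constructed, abbreviated Response (no real signature values)."""
    acs = domain + "/AssertionConsumer.aspx"
    sig = (f'<ds:Signature><ds:SignedInfo><ds:SignatureMethod Algorithm="{sig_alg}"/>'
           f'<ds:Reference><ds:DigestMethod Algorithm="{SHA256}"/></ds:Reference>'
           f'</ds:SignedInfo></ds:Signature>')
    return (f'<p:Response xmlns:p="{NS["p"]}" xmlns:a="{NS["a"]}" xmlns:ds="{NS["ds"]}"'
            f' Destination="{acs}">{sig}<a:Assertion>{sig}<a:Subject>'
            f'<a:NameID Format="{UNSPECIFIED}">user@example.test</a:NameID>'
            f'<a:SubjectConfirmation><a:SubjectConfirmationData Recipient="{acs}"/>'
            f'</a:SubjectConfirmation></a:Subject><a:Conditions><a:AudienceRestriction>'
            f'<a:Audience>{domain}</a:Audience></a:AudienceRestriction></a:Conditions>'
            f'</a:Assertion></p:Response>')
```

Call `check_response(decoded_xml, "http://yourdomain")` with the same domain name entered in the Audience URI field; an empty list means the response matches the configuration.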
See the following articles for additional setup information:
Specific Settings for End of Logout