How to Set Up OKTA

After you receive an initial OKTA login and reset the password via the received email link, navigate to the following URL: https://dev-499266-admin.oktapreview.com.

  1. Log in with your newly activated account and click the Admin button (right side of the interface).
  2. Click on Developer Console (drop-down) in the upper left-hand corner and select Classic UI.
  3. Select Applications.
  4. Click the Add Application button.
  5. Click the Create New App button.
  6. In the Platform drop-down menu, select Web.
  7. Select SAML 2.0 as the sign-on method.
  8. Click the Create button.

 

 

 

  1. Type in the App Name, then click the Next button.
    1. To avoid confusion and duplicate entries, try a name such as DRTrack YourName (ex: DRTrack CharlesC).

  1. At the end of your domain name in the SSO URL box, add /AssertionConsumer.aspx (ex: http://chuckiec.appianlogistics.com/AssertionConsumer.aspx).
  2. The "Use this for Recipient URL and Destination URL" box should remain checked.
  3. The "Allow this app to request other SSO URLs" box should be unchecked.
  4. Audience URI (SP Entity ID) should be the domain name only (ex: http://charlesc.appianlogistics.com).
  5. Default RelayState should be blank.
  6. Name ID format should be Unspecified (select from the drop-down menu).
  7. The Application Username should be Okta username (select from the drop-down menu).
  8. Click on Show Advanced Settings.

 

 

  1. Select Signed from the Response drop-down menu.
  2. Select Signed from the Assertion Signature drop-down. 
  3. Select RSA-SHA256 from the Signature Algorithm drop-down.
  4. Select SHA256 from the Digest Algorithm drop-down.
  5. Select Unencrypted from the Assertion Encryption drop-down.
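
To confirm that the SAML settings in the steps above took effect, the response Okta posts to /AssertionConsumer.aspx can be base64-decoded and checked structurally. The Python check below is an added example, not part of DRTrack or Okta; `check_response`, `sample_response` and the embedded sample XML are constructed for illustration, and it assumes the response uses the standard SAML 2.0 and XML Signature URIs for these settings.

```python
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"
UNSPECIFIED = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"

def check_response(xml_text, sp_domain):
    """Return the settings a decoded SAML response does not match.
    Structural check only: signatures are not verified cryptographically."""
    root = ET.fromstring(xml_text)  # diagnostic use, on responses you captured yourself
    acs = sp_domain.rstrip("/") + "/AssertionConsumer.aspx"
    a, subj = "saml:Assertion/", "saml:Assertion/saml:Subject/"
    sig = "ds:Signature/ds:SignedInfo/"  # relative path: only the node's own signature
    checks = [  # (setting, path from Response, attribute or None for text, expected)
        ("SSO URL (Destination)", ".", "Destination", acs),
        ("SSO URL (Recipient)",
         subj + "saml:SubjectConfirmation/saml:SubjectConfirmationData", "Recipient", acs),
        ("Audience URI",
         a + "saml:Conditions/saml:AudienceRestriction/saml:Audience", None, sp_domain),
        ("Name ID format", subj + "saml:NameID", "Format", UNSPECIFIED),
        ("Response Signature Algorithm", sig + "ds:SignatureMethod", "Algorithm", RSA_SHA256),
        ("Response Digest Algorithm", sig + "ds:Reference/ds:DigestMethod", "Algorithm", SHA256),
        ("Assertion Signature Algorithm", a + sig + "ds:SignatureMethod", "Algorithm", RSA_SHA256),
        ("Assertion Digest Algorithm", a + sig + "ds:Reference/ds:DigestMethod", "Algorithm", SHA256),
    ]
    problems = ["Assertion Encryption"] if root.find("saml:EncryptedAssertion", NS) is not None else []
    for setting, path, attr, expected in checks:
        node = root.find(path, NS)
        actual = None if node is None else node.get(attr) if attr else (node.text or "").strip()
        if actual != expected:
            problems.append(setting)
    return problems

def sample_response(sp_domain, sig_alg=RSA_SHA256):
    """Constructed sample with signature values omitted; not a real Okta response."""
    acs = sp_domain + "/AssertionConsumer.aspx"
    sig = ('<ds:Signature><ds:SignedInfo><ds:SignatureMethod Algorithm="%s"/><ds:Reference>'
           '<ds:DigestMethod Algorithm="%s"/></ds:Reference></ds:SignedInfo></ds:Signature>'
           % (sig_alg, SHA256))
    return ('<samlp:Response xmlns:samlp="%s" xmlns:saml="%s" xmlns:ds="%s" Destination="%s">'
            '%s<saml:Assertion>%s<saml:Subject><saml:NameID Format="%s">user</saml:NameID>'
            '<saml:SubjectConfirmation><saml:SubjectConfirmationData Recipient="%s"/>'
            '</saml:SubjectConfirmation></saml:Subject><saml:Conditions>'
            '<saml:AudienceRestriction><saml:Audience>%s</saml:Audience>'
            '</saml:AudienceRestriction></saml:Conditions></saml:Assertion></samlp:Response>'
            % (NS["samlp"], NS["saml"], NS["ds"], acs, sig, sig, UNSPECIFIED, acs, sp_domain))
```

Pass it the base64-decoded SAMLResponse form field from a test login together with the value entered as Audience URI; an empty list means every checked setting matches.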

 

Single Logout

Ensure the Enable Single Logout box is checked.

  1. Single Logout URL should be set to the domain name with /SLOService.aspx added at the end (ex: http://chuckiec.appianlogistics.com/SLOService.aspx).
    1. SP Issuer should be set to the domain name (ex: http://chuckiec.appianlogistics.com).
  2. Use the Browse button for Signature Certificate to find and upload the sp.cer file.
    1. The file can be found in the Certificates folder of the DRTrack solution.
  3. Once the file has been located and selected, click the Upload Certificate button.


See the following articles for additional setup information:

Specific Settings for End of Logout

How to Add Users

How to Configure DRTrack for OKTA