Okta SSO

Adding SaaS Management to your Okta SSO

If your organization uses Okta SSO to access applications, you can use it to sign in to SaaS Management as well. To use Okta SSO to access SaaS Management, you first need to add it as a new SAML application within Okta, then add the connection information for Okta to SaaS Management.

Important

You must be an admin of your Okta account to perform these actions.

Creating a new SAML application for SaaS Management

Before you create a new SAML application in Okta, go to Settings > SAML Settings in SaaS Management and copy the Audience and Recipient URL values. You'll need these values when you configure the SAML settings for your new application.

To create a new SAML application for SaaS Management:

1. From your Okta dashboard, select Admin.

2. Select Add Applications from the list of shortcuts.
   
   

3. On the Add Application page, select Create New App.

4. In the new window, select the platform for your application and choose SAML 2.0 as the Sign on method. Select Create to create the application.
   
   

5. In the General Settings section, enter "SailPoint SaaS Management" for the name of the app and select Next.
   
   

6. In the SAML Settings section, enter the following information into the appropriate fields:

   • For the Single sign-on URL field, enter the Recipient URL from SaaS Management.
   • For the Audience URI (SP Entity ID) field, enter the Audience value from SaaS Management.
     
     

7. In the Attribute Statements section, add the following items:

   • email: ${user.email}
   • name: ${user.firstName} ${user.lastName}
     
     

8. Select Next to save these settings.

9. In the Feedback section, select I'm an Okta customer adding an internal app and select Finish.
   
   

10. In the Sign On tab, select View Setup Instructions to complete the process.
    
    

11. On the new page, copy the Identity Provider Single Sign-On URL and download a copy of the X.509 certificate. You’ll need to provide both of these to connect Okta and SaaS Management.

Configuring SaaS Management to use your Okta SSO

1. Go to SaaS Management and select Settings from the navigation menu.

2. Under Configuration, select SAML Settings to display the following page:
   
   

3. Enter the following information into the appropriate fields:

   • For the Sign In URL field, enter the Identity Provider Single Sign-On URL from Okta.
   • For the Certificate field, enter the X.509 certificate from Okta.

4. To create the connection in SaaS Management, select Add SSO Connection to enable Okta to access SaaS Management.

   Dashboard users who have created a SaaS Management account can now sign in to SaaS Management using Okta SSO.

   If you want to require all users within your organization to sign in to SaaS Management using Okta SSO, select SSO Required.