1.0 Introduction
This article describes how to integrate Fortanix Data Security Manager (DSM) with Okta for Single Sign-On (SSO) using SAML 2.0.
2.0 Prerequisites
Okta admin account to configure the SSO using SAML 2.0.
Fortanix DSM admin account for SSO configuration.
3.0 SSO Configuration on Okta
Log in to the Okta admin console.
Figure 1: Log in to Okta
Click the Applications tab.
Figure 2: Applications tab
Click the Create New App button to create a SAML application.
Figure 3: Create new app
In the Create a New Application Integration window, select the following:
Platform: “Web”
Sign on method: “SAML 2.0”
Click Create to create the application.
Figure 4: Create app
In the General Settings tab, fill in the details as shown below:
NOTE
You can choose a different name and logo based on your need.
Figure 5: Create SAML integration
Click Next to Configure SAML.
On the SAML Settings page, provide the Single sign on URL and the Service Provider (SP) Entity ID as shown below. It is important to set the Name ID format to “EmailAddress” and the Application username to “Email”.
Figure 6: SAML Settings
On the SAML Settings page, scroll down and click the Next button.
Figure 7: Finalize SAML Settings
In the Are you a customer or partner? field, select the option as shown below and click Finish.
Figure 8: Finish SAML integration
You can see your application is onboarded and displayed on the Okta Application dashboard.
Figure 9: Application onboarded
Click the application “Fortanix” and go to the Assignments tab. In this step we are assigning the application “Fortanix” to the SSO user who will log in to Fortanix DSM.
NOTE
Make sure you have added the SSO user to the identity source.
Figure 10: Assign app to Okta
Click the Sign On tab on the same page and click View Setup Instructions as shown below.
Figure 11: View setup instructions
On the View Setup Instruction page, note down the SSO URL and copy the IDP metadata to a notepad.
Figure 12: Copy IDP metadata
4.0 Configuration on Fortanix Data Security Manager
Log in to Fortanix DSM admin console.
Figure 13: Log in to Fortanix DSM
Click the Settings tab in the left panel.
Figure 14: Settings
On the Fortanix DSM Settings page, click the AUTHENTICATION tab and choose the SINGLE SIGN-ON option.
Figure 15: Authentication - Single sign on
Click ADD SAML INTEGRATION to add a new SAML integration.
In the text box, paste the IdP metadata for the SP that we copied in Step 13 of the previous section. Enter an SSO Title and Logo URL.
NOTE
Choose a logo based on your need.
Figure 16: Add SAML integration
Click ADD INTEGRATION.
Now your SSO integration is completed.
Figure 17: SSO integration complete
5.0 Test the Integration
Open a new incognito browser window and use the SSO URL to log in to SSO.
Figure 18: Log in to SSO
Log in to SSO using the SSO user credentials.
Figure 19: Log in to SSO
Log in to Fortanix DSM using the SSO username.
Figure 20: Log in to Fortanix DSM
Click the SSO title “OKTASSO”, which is the new SSO login mechanism that we added.
Figure 21: Log in using Okta SSO
You will now be automatically logged in to your Fortanix DSM account.
Figure 22: Login successful