Using Fortanix Data Security Manager with Okta

Prev Next

1.0 Introduction

This article describes how to integrate Fortanix-Data-Security-Manager (DSM) Single Sign-On (SSO) using SAML 2.0 with Okta.

2.0 Prerequisites

Ensure the following:

  • An Okta administrator account to configure the SSO using SAML 2.0.

  • Fortanix DSM administrator account for SSO configuration.

3.0 Configure Okta SSO

Perform the following steps to configure Okta as the SSO authentication method in Fortanix DSM:

  1. Log in to the Okta admin console.  

    Login_Okta.png

    Figure 1: Log in to Okta

  2. Click the Applications tab.  

    App_okta.png

    Figure 2: Applications tab

  3. Click the Create New App button to create a SAML application.  

    CreateApp_okta.png

    Figure 3: Create new app

  4. In the Create a New Application Integration window, do the following:

    1. Platform: Select Web.

    2. Sign on method: Select SAML 2.0.

    3. Click Create to create the application.  

    CreateApp1_okta.png

    Figure 4: Create app

  5. In the General Settings tab, fill in the details as below:

    NOTE

    You can choose a different name and logo based on your requirements.

    GeneralSettings_Okta.png

    Figure 5: Create SAML integration

  6. Click Next to configure SAML.

  7. In the SAML settings page, enter the Single sign on URL and Audience URI (SP Entity ID).  It is important to select the Name ID format for EmailAddress and Application username to Email.

    SAMLSettings_Okta1.png

    Figure 6: SAML Settings

  8. On the SAML Settings page, scroll down and click Next.  

    SAMLSettings1_Okta.png

    Figure 7: Finalize SAML Settings

  9. In the Are you a customer or partner? field, select the option I’m a software vendor. I’d like to integrate my app with Okta, and click Finish.

    SAMLSettings2_Okta.png

    Figure 8: Finish SAML integration

  10. You can see your application is onboarded and displayed on the Okta Applications dashboard.  

    AppOnboarded_Okta.png

    Figure 9: Application onboarded

  11. Click the application “Fortanix” and go to the Assignments tab. In this step, we are assigning the application “Fortanix” to the SSO user who will log in to Fortanix DSM.

    NOTE

    Make sure you have added the SSO user to the identity source.

    AssignApp_Okta.png

    Figure 10: Assign app to Okta

  12. Click the Sign On tab on the same page and click View Setup Instructions as shown below.  

    ViewSetupInstructions_Okta.png

    Figure 11: View setup instructions

  13. On the instructions page, note down the SSO URL and copy the IDP metadata to a notepad.  

    CopyIDPmetadata_Okta.png

    Figure 12: Copy IDP metadata

4.0 Configure Okta SSO in Fortanix DSM

Perform the following steps to integrate Fortanix DSM with Okta using SAML configuration:

  1. Log in to the Fortanix DSM using URL: https://<FORTANIX_DSM_URL>/.

  2. In the Fortanix DSM user interface (UI), navigate to Settings AUTHENTICATION tab, and select SINGLE SIGN-ON as the authentication method.

  3. Click ADD SAML INTEGRATION to add a new SAML integration.

    Figure 13: Select SSO

  4. On the Add SAML Integration page, do the following:

    • Click UPLOAD A FILE to browse and upload the SAML file downloaded in Step 13 of Section 3.0: Configure Okta SSO.

      Figure 14: Upload SAML metadata

    • In the SSO Title field, customize the SSO by adding a name in the SSO Title field and a URL for the logo image in the Logo URL field.

    • Click ADD INTEGRATION.

    Figure 15: Customize SSO

  5. After successfully integrating with Okta SSO, Fortanix DSM displays the configured SSO below:

    Figure 16: Ping Identity configured

5.0 Test the Integration

Perform the following steps to verify the SSO integration:

  1. Log out of Fortanix DSM to sign in using SSO.  

  2. Open a new incognito browser window and enter the Okta SSO URL.

  3. Enter the SSO user credentials to log in.

    Test1_Okta.png

    Figure 17: Log in to SSO

  4. On the Fortanix DSM Login screen, click the LOG IN WITH OKTA_SSO to log in using the newly added SSO configuration.

    Figure 18: Log in using Okta SSO

  5. You will now be automatically logged in to Fortanix DSM and reach the Fortanix DSM accounts page.