Using Fortanix Data Security Manager SSO with Okta

Introduction

This article describes how to integrate Fortanix Data Security Manager (DSM) Single Sign On (SSO) using SAML 2.0 with Okta.

Prerequisites

  • Okta admin account to configure the SSO using SAML 2.0.
  • Fortanix DSM admin account for SSO configuration.

SSO Configuration on Okta

  1. Log in to the Okta admin console. Login_Okta.png
    Figure 1: Log in to Okta
  2. Click the Applications tab. App_okta.png
    Figure 2: Applications tab
  3. Click the Create New App button to create a SAML application. CreateApp_okta.png
    Figure 3: Create new app
  4. In the Create a New Application Integration window, select the following:
    1. Platform: “Web
    2. Sign on method: “SAML 2.0
    Click Create to create the application. CreateApp1_okta.png
    Figure 4: Create app
  5. In the General Settings tab, fill the details as below:
    NOTE
    You can choose a different name and logo based on your need.
    GeneralSettings_Okta.png
    Figure 5: Create SAML integration
  6. Click Next to Configure SAML.
  7. In this SAML settings page, you need to provide the Single sign on URL and Service Provider (SP) Entity ID as below. It is important to choose the Name ID format to “EmailAddress” and Application username to “Email”. SAMLSettings_Okta.png
    Figure 6: SAML Settings
  8. On the SAML Settings page, scroll down and click the Next button. SAMLSettings1_Okta.png
    Figure 7: Finalize SAML Settings
  9. In the Are you a customer or partner? Field select the option as below and click Finish.SAMLSettings2_Okta.png
    Figure 8: Finish SAML integration
  10. You can see your application is onboarded and displayed on the Okta Application dashboard. AppOnboarded_Okta.png
    Figure 9: Application onboarded
  11. Click the application “Fortanix” and go to the Assignments tab. In this step we are assigning the application “Fortanix” to the SSO user who will log in to Fortanix DSM.
    NOTE
    Make sure you have added the SSO user to identity source.
    AssignApp_Okta.png
    Figure 10: Assign app to Okta
  12. Click the Sign On tab on the same page and click the View Setup Instructions as shown below. ViewSetupInstructions_Okta.png
    Figure 11: View setup instructions
  13. On the View Setup Instruction page, note down the SSO URL and copy the IDP metadata to a notepad. CopyIDPmetadata_Okta.png
    Figure 12: Copy IDP metadata

Configuration on Fortanix Data Security Manager

  1. Log in to Fortanix DSM admin console. SDKMSlogin_Okta.png
    Figure 13: Log in to Fortanix  DSM
  2. Click the Settings tab in the left panel. SDKMSSettings_Okta.png
    Figure 14: Settings
  3. On the Fortanix DSM Settings page, click the AUTHENTICATION tab and choose the SINGLE SIGN-ON option. Authentication_Okta.png
    Figure 15: Authentication - Single sign on
  4. Click the  ADD SAML INTEGRATION to add a new SAML integration.
    Paste the IDP metadata for the SP in the textbox which we copied in Step 13 of the previous section. Enter an SSO Title and Logo URL.
    NOTE
    Choose a logo based on your need.
    SAMLintegration_Okta.png
    Figure 16: Add SAML integration
  5. Click ADD INTEGRATION.
  6. Now your SSO integration is completed. SAMLintegration1_Okta.png
    Figure 17: SSO integration complete

Test the Integration

  1. Open a new incognito browser and use the SSO URL to log in to SSO. Test_Okta.png
    Figure 18: Log in to SSO
  2. Log in to SSO using the SSO user credentials. Test1_Okta.png
    Figure 19: Log in to SSO
  3. Log in to Fortanix DSM using the SSO username. Test2_Okta.png
    Figure 20: Log in to Fortanix DSM
  4. Click the SSO title “OKTASSO” which is the new SSO log in mechanism that we added. Test3_Okta.png
    Figure 21: Log in using Okta SSO
  5. You will now be automatically logged into Fortanix DSM account. Test4_Okta.png
    Figure 22: Login successful
Was this article helpful?
0 out of 0 found this helpful