Follow these steps to integrate Okta with Timus using SAML 2.0 for secure Single Sign-On (SSO).
-
Creating an Okta Application
- Navigate to Applications:
- Log in to your Okta admin console.
- Go to Applications under the Applications tab.
- Create a New Application:
- Click Create App Integration.
- Select SAML 2.0 as the sign-on method.
- Click Next.
- Navigate to Applications:
-
Configuring Okta Application with Timus SAML Information
- App Setup:
- Enter a custom name for the application under the App name.
- Click Next to proceed.
- SAML Settings:
- Single Sign-On URL: Enter https://auth.timuscloud.com/user/external/saml
- Audience URI (SP Entity ID): Initially enter http://okta.com (you will modify this after generating the issuer URL).
- NameID Format: Select EmailAddress.
- Attribute Statements:
- Add firstname and lastname as attribute statements.
- Finalize Setup:
- Scroll down and click Next.
- For quick setup, select the appropriate option and click Finish.
- App Setup:
-
Displaying Okta Information
- View SAML Details:
- Click View Setup Instructions to display the Issuer, Sign-On URL, and X.509 Certificate.
- You’ll use these details to configure Timus.
- View SAML Details:
-
Editing Okta Application for Audience URI
- Modify Audience URI:
- Copy the Issuer URL and paste it into the Audience field.
- Save Changes:
- After updating, proceed by clicking Next and Finish to save your changes.
- Modify Audience URI:
-
(Optional) Enabling Assertion Encryption
- Enable Encryption:
- Edit the SAML application in Okta.
- Click Show Advanced Settings.
- Configure Encryption:
- Set Assertion Encryption to Encrypted.
- Enter the Encryption Certificate and Signature Certificate as needed.
- Finalize Encryption:
- Click Next and then Finish to complete the setup.
- Enable Encryption:
-
Configuring Timus SAML Integration
- Access Timus Manager:
- Sign in to Timus Manager.
- Go to Settings -> Integrations.
-
Manage SAML 2.0 Integration:
- Click Manage under SAML 2.0.
- Fill in the fields according to the mapping provided in the table below.
Okta Name Timus Equivalent Sign-On URL Service URL Issuer Identifier Signing Certificate X.508 Certificate
- Complete the Setup:
- Save the configuration. Your SAML integration is now ready.
- Access Timus Manager:
-
Assigning Users and Testing Integration
- Assign Users to the Application:
- In Okta, navigate to Assignments.
- Click Assign and add the required users.
- Test the Application:
- Use a different browser or incognito mode to test the SSO process by logging in as an assigned user. After completing the configuration steps, it's important to remind users that their first login must be initiated through the application in your Identity Provider (IdP). This initial login via the application is necessary to create the user account within Timus.
- Upon successful authentication, users will be redirected to Timus.
- Assign Users to the Application:
This completes the SAML configuration for Okta with Timus. Your users can now authenticate securely through Okta to access Timus applications.
0 comments
Please sign in to leave a comment.