
Okta is a standards-compliant OAuth 2.0 authorization server that provides cloud identity solutions for your organization. Okta is a single sign-on provider that allows you to manage user access to Deep Discovery Director (Internal Network Analytics Version).

This section describes how to configure Okta as a SAML (2.0) identity provider for Deep Discovery Director (Internal Network Analytics Version) to use.

Before you begin configuring Okta, make sure that:

  • You have a valid subscription with Okta that handles the sign-in process and that eventually provides the authentication credentials to the Deep Discovery Director (Internal Network Analytics Version) management console.

  • You are logged on to the management console as a Deep Discovery Director (Internal Network Analytics Version) administrator.

  1. Log in to your Okta organization as a user with administrative privileges.
  2. Click Admin in the upper right, and then navigate to Applications > Applications.
  3. Click Add Application, and then click Create New App.

    The Create a New Application Integration screen appears.

  4. Select Web as the Platform and SAML 2.0 as the Sign on method, and then click Create.
  5. On the General Settings screen, type a name for Deep Discovery Director (Internal Network Analytics Version) in App name, for example, "Deep Discovery Director (Internal Network Analytics Version)", and click Next.
  6. On the Configure SAML screen, specify the following:
    1. Type the Single sign on URL for Deep Discovery Director (Internal Network Analytics Version).
      Note: To obtain the Deep Discovery Director (Internal Network Analytics Version) single sign on URL, go to Administration > Integrated Products/Services > SAML Integration in the Deep Discovery Director (Internal Network Analytics Version) management console, and copy the Single Sign On URL in the Service Provider section.

    2. Select Use this for Recipient URL and Destination URL.
    3. Specify the Audience URI in Audience URI (SP Entity ID) based on your serving site:
    4. Type EmailAddress in Name ID format.
    5. In the Group Attribute Statements (Optional) section, specify the following:
      • Name: DDD_GROUP

      • Filter: Matches ^(.*)*$

    6. Click Next.
  7. On the Feedback screen, click I'm an Okta customer adding an internal app, select This is an internal app that we have created, and then click Finish.

    The Sign On tab of your newly created Deep Discovery Director (Internal Network Analytics Version) application appears.

  8. Click Identity Provider Metadata to download the metadata file from Okta.
    Note: Import this metadata file to Deep Discovery Director (Internal Network Analytics Version).

  9. Assign the application to groups and add people to groups.
    1. Select Directory > Groups.
    2. Click the groups that you want to assign the application to, and then click Manage Apps.

      The Assign Applications screen appears.

    3. Locate the Deep Discovery Director (Internal Network Analytics Version) application you added and click Assign.
    4. Click Manage People.

      The Add People to Groups screen appears.

    5. Locate the user you want to allow access to Deep Discovery Director (Internal Network Analytics Version) and add the user to the Deep Discovery Director (Internal Network Analytics Version) group.
    6. Confirm that the application is assigned to the user and group.

      After assigning an application to a group, the system automatically assigns the application to all users in the group.

    7. Repeat the above steps to assign the application to more groups as necessary.

    You are now ready to configure Okta for single sign-on and create the required SAML groups in the Deep Discovery Director (Internal Network Analytics Version) management console.
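
The settings from step 6 can be confirmed by decoding one SAML response from a test sign-in and checking its fields, as in this added Python example, which is not part of the original procedure or of either vendor's tooling. The URLs, user, and group names are constructed placeholders; the check inspects field values only and does not validate the response signature. Because the filter in step 6 matches any group name, the list of groups released in DDD_GROUP is worth reviewing.

```python
import xml.etree.ElementTree as ET

NS = {"p": "urn:oasis:names:tc:SAML:2.0:protocol",
      "a": "urn:oasis:names:tc:SAML:2.0:assertion"}
EMAIL_FORMAT = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
# Constructed placeholders (not real product or Okta values).
SSO_URL = "https://ddd.example.test/saml/sso"
AUDIENCE = "https://ddd.example.test/saml/metadata"
SAMPLE = f"""<p:Response xmlns:p="{NS['p']}" xmlns:a="{NS['a']}" Destination="{SSO_URL}">
  <a:Assertion>
    <a:Subject>
      <a:NameID Format="{EMAIL_FORMAT}">analyst@example.test</a:NameID>
      <a:SubjectConfirmation><a:SubjectConfirmationData Recipient="{SSO_URL}"/></a:SubjectConfirmation>
    </a:Subject>
    <a:Conditions><a:AudienceRestriction><a:Audience>{AUDIENCE}</a:Audience></a:AudienceRestriction></a:Conditions>
    <a:AttributeStatement>
      <a:Attribute Name="DDD_GROUP">
        <a:AttributeValue>DDD-Admins</a:AttributeValue>
        <a:AttributeValue>Everyone</a:AttributeValue>
      </a:Attribute>
    </a:AttributeStatement>
  </a:Assertion>
</p:Response>"""

def check_response(xml_text, sso_url, audience):
    """Return (problems, groups) for a decoded SAML response from your own test sign-in."""
    root = ET.fromstring(xml_text)
    problems = []
    def attr(path, name):
        el = root.find(path, NS)
        return el.get(name) if el is not None else None
    if root.get("Destination") != sso_url:
        problems.append("Destination does not match the Single Sign On URL")
    if attr(".//a:SubjectConfirmationData", "Recipient") != sso_url:
        problems.append("Recipient does not match the Single Sign On URL")
    if attr(".//a:NameID", "Format") != EMAIL_FORMAT:
        problems.append("NameID format is not EmailAddress")
    if audience not in [e.text for e in root.findall(".//a:Audience", NS)]:
        problems.append("Audience URI (SP Entity ID) does not match")
    groups = [v.text for v in root.findall(
        ".//a:Attribute[@Name='DDD_GROUP']/a:AttributeValue", NS)]
    if not groups:
        problems.append("DDD_GROUP attribute statement is missing or empty")
    return problems, groups

if __name__ == "__main__":
    problems, groups = check_response(SAMPLE, SSO_URL, AUDIENCE)
    print("problems:", problems or "none")
    print("groups released in DDD_GROUP:", groups)
```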