Views:
This section describes how to configure your Okta settings and add domains on TMWS to implement single sign-on and user synchronization.

Procedure

  1. Log on to the TMWS management console, and go to AdministrationUSERS & AUTHENTICATIONDirectory Services.
  2. Click here on the upper area of the screen.
  3. On the Authentication Method screen that appears, click Okta.
  4. Click On or Off to decide whether to allow users in your Okta organization to visit websites through TMWS if their information is not synchronized to TMWS or you do not enable SCIM provisioning in Okta.
    Note
    Note
    Users not synchronized from Okta can be authenticated only through known TMWS gateways or the dedicated port for your organization.
  5. Configure Identity Provider Settings as follows:
    Service URL
    Identity Provider Single Sign-On URL on the Okta admin portal
    Logon name attribute
    sAMAccountName on the Okta admin portal
    Public SSL certificate
    X.509 Certificate downloaded from the Okta admin portal
  6. Optionally click Regenerate Token if you want to use a new authorization token in Okta provisioning configuration.
  7. Click Save.
  8. On the Directory Services screen, click Add.
  9. On the Add New Domain screen that appears, type a domain name in the Domain name text box.
  10. Click Save.
  11. Repeat the above steps to add more AD domains as necessary.
    Important
    Important
    TMWS retrieves users and groups only in the domains whose name exists on TMWS. Make sure that the domain names match exactly on TMWS and in your Okta organization.