Configuring Okta Settings and Adding Domains on TMWS

This section describes how to configure your Okta settings and add domains on TMWS to implement single sign-on and user synchronization.

  1. Log on to the TMWS management console, and go to Administration > USERS & AUTHENTICATION > Directory Services.
  2. Click here on the upper area of the screen.
  3. On the Authentication Method screen that appears, click Okta.
  4. Click On or Off to decide whether to allow users in your Okta organization to visit websites through TMWS if their information is not synchronized to TMWS or you do not enable SCIM provisioning in Okta.
    Note:

    Users not synchronized from Okta can be authenticated only through known TMWS gateways or the dedicated port for your organization.

  5. Configure Identity Provider Settings as follows:

    Service URL

    Identity Provider Single Sign-On URL on the Okta admin portal

    Logon name attribute

    sAMAccountName on the Okta admin portal

    Public SSL certificate

    X.509 Certificate downloaded from the Okta admin portal

  6. Optionally click Regenerate Token if you want to use a new authorization token in Okta provisioning configuration.
  7. Click Save.
  8. On the Directory Services screen, click Add.
  9. On the Add New Domain screen that appears, type a domain name in the Domain name text box.
  10. Click Save.
  11. Repeat the above steps to add more AD domains as necessary.
    Important:

    TMWS retrieves users and groups only in the domains whose name exists on TMWS. Make sure that the domain names match exactly on TMWS and in your Okta organization.