Configuring TMWS SSO Settings in Okta

This section describes how to add TMWS as a new application and configure SSO settings on your Okta admin portal.

  1. Go to Applications > Applications.
  2. Click Add Application, and then click Create New App.

    The Create a New Application Integration screen appears.

  3. Select Web as the Platform and SAML 2.0 as the Sign on method, and then click Create.
  4. On the General Settings screen, type a name for Trend Micro Web Security in App name, for example, TMWS, and click Next.
  5. On the SAML Settings screen, specify the following:
    1. Type the Trend Micro Web Security logon URL in Single sign on URL based on your serving site.

      Copy and paste the information from the TMWS management console. You can get it under the Service Provider Settings for the Okta Admin Portal area on the Authentication Method screen for Okta from Administration > Directory Services > here.

    2. Select Use this for Recipient URL and Destination URL.
    3. Specify the Audience URI in Audience URI (SP Entity ID).

      Copy and paste the information from the TMWS management console. You can get it under the Service Provider Settings for the Okta Admin Portal area on the Authentication Method screen for Okta from Administration > Directory Services > here.

    4. Select Unspecified in Name ID format.
    5. Select Okta username in Application username.
    6. Select Create and Update in Update application username on.
    7. Click Show Advanced Settings, select Encrypted from the Assertion Encryption drop-down list, and then upload the service provider public certificate in the Encryption Certificate area. Keep the default values for the other settings.

      You can download the service provider public certificate on the Trend Micro Web Security management console, under the Service Provider Settings for the Okta Admin Portal area on the Authentication Method screen for Okta from Administration > Directory Services > here.

    8. Under ATTRIBUTE STATEMENTS (OPTIONAL), specify sAMAccountName in Name, and select Unspecified in Name format and user.login in Value.
    9. Click Next.
  6. On the Feedback screen, click I'm an Okta customer adding an internal app, and then click Finish.

    The Sign On tab of your newly created Trend Micro Web Security application appears.

  7. Click View Setup Instructions, and record the URL in Identity Provider Single Sign-On URL and download the certificate in X.509 Certificate.
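One way to confirm that steps 5.2 and 5.7 took effect is to capture the base64 `SAMLResponse` form field from a test sign-on and inspect its outer structure. The sketch below is an added example, not part of the Trend Micro or Okta documentation. The URL and sample responses are constructed placeholders, and `check_saml_response` is a hypothetical helper name.

```python
import base64
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"

def check_saml_response(b64_response, expected_sso_url):
    """Return a list of findings; an empty list means the outer response
    matches the settings from steps 5.2 and 5.7."""
    raw = base64.b64decode(b64_response, validate=True)
    # Refuse DTDs so a captured response cannot trigger entity expansion.
    if b"<!DOCTYPE" in raw or b"<!ENTITY" in raw:
        return ["response contains a DTD; refusing to parse"]
    root = ET.fromstring(raw)
    if root.tag != f"{{{SAMLP}}}Response":
        return [f"unexpected root element {root.tag}"]
    findings = []
    # Step 5.2: Destination should equal the Single sign on URL.
    dest = root.get("Destination")
    if dest != expected_sso_url:
        findings.append(f"Destination {dest!r} does not match Single sign on URL")
    # Step 5.7: with Assertion Encryption set to Encrypted, the response must
    # carry EncryptedAssertion and no plaintext Assertion.
    if root.findall(f"{{{SAML}}}Assertion"):
        findings.append("plaintext Assertion present; encryption is not in effect")
    if not root.findall(f"{{{SAML}}}EncryptedAssertion"):
        findings.append("no EncryptedAssertion element found")
    # Recipient, Audience and sAMAccountName sit inside the encrypted
    # assertion and cannot be checked without the service provider's key.
    return findings

# Constructed sample data (placeholder URL, empty assertion bodies).
SSO_URL = "https://tmws.example.invalid/sso"

def _sample(destination, body):
    xml = (f'<samlp:Response xmlns:samlp="{SAMLP}" xmlns:saml="{SAML}" '
           f'Destination="{destination}">{body}</samlp:Response>')
    return base64.b64encode(xml.encode())

ENCRYPTED = _sample(SSO_URL, "<saml:EncryptedAssertion/>")
PLAINTEXT = _sample(SSO_URL, "<saml:Assertion/>")
WRONG_DEST = _sample("https://other.example.invalid/sso", "<saml:EncryptedAssertion/>")

if __name__ == "__main__":
    for name, sample in [("encrypted", ENCRYPTED), ("plaintext", PLAINTEXT),
                         ("wrong destination", WRONG_DEST)]:
        print(name, "->", check_saml_response(sample, SSO_URL) or "OK")
```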