Okta SSO/SAML Configuration

Help Center
  • Updated
Follow

You can setup SSO (SAML 2.0) between our Admin Console and Okta following the steps below.

This article contains information and instructions related to a third-party application (Okta). These instructions may vary on your environment and need to be confirmed with your Okta vendor, if necessary.

If you have specific needs or specific settings you need to apply, you may need to check those with your IdP admins.

Prerequisites:

You must have a verified domain in Foxit Admin Console > Settings > Directory Setting.

  1. Open Okta Admin panel or register okta account
  2. Create an application
  3. Select SSO 2.0 for Sign-on method, Click Next.
  4. Give the application a name (in this example, "Foxit Admin Console Okta Integration"). Click Next.
  5. Collect the SAML Information
  6. Fill in Single sign on URL and Audience URI (SP Entity ID).
  7. Fill in Attribute Statements
  8. Select "I'm a software vendor. I'd like to integrate my app with Okta". Click Finish.
  9. After clicking Finish you'll be redirected to the Sign On tab. Click on View Setup Instructions. It will open it in a new tab on your browser.
  10. Set the Okta settings on Foxit Admin Console
  11. Help

 

1. Open Okta Admin panel or register okta account

Open your Okta Admin panel.

If you do not have an okta Admin account, you can create one.

1.png

2. Create an application

On your Okta Admin panel, go to Applications > Applications > Create App Integration

2.png

3. Select SSO 2.0 for Sign-on method, Click Next.

3.png

 

4. Give the application a name (in this example, "Foxit Admin Console Okta Integration"). Click Next.

4.png

 

5. Collect the SAML Information

Now you need to inform those two URLs you got earlier, from Confluence SSO 2.0 screen

  • Single sign on URL: The location where the SAML assertion is sent with an HTTP POST. This is referred to as the SAML Assertion Consumer Service (ACS) URL in Foxit Admin Console.

    Audience URIThe application-defined unique identifier that is the intended audience of the SAML assertion. This is the SP Entity ID in Foxit Admin Console.

5.png

6. Fill in Signle sign on URL and Audience URI (SP Entity ID).

  • Fill in the SP Entity ID of the Admin Console into the Audience URI (SP Entity ID) field of Okta
  • Fill in the SP Assertion Consumer Service URL of the Admin Console into the into Single sign on URL field of Okta
  • Fill in the Default RelayState with the URL: https://adminconsole.foxit.com

image2021-11-5_10-50-56.png

7. Fill in Attribute Statements

The SAML 2.0 configuration requires the user's username and email attributes to be configured in the IDP.

 

Fill in the Attribute Statements of OKTA according to the User Attributes information provided by the Foxit Admin Console. Click Next.

As the screenshot below and click Next

image2021-10-18_16-47-38.png

 

8. Select "I'm a software vendor. I'd like to integrate my app with Okta". Click Finish.

9.png

9. After clicking Finish you'll be redirected to the Sign On tab. Click on View Setup Instructions. It will open it in a new tab on your browser.

10.png

10. Set the Okta settings on Foxit Admin Console

Collect okta's information 

Take note of these three values

Identity Provider Single Sign-On URL

Identity Provider Issuer

X.509 Certificate

In the screenshot below the values are changed for the sake of the illustration.

11.png

 

Copy these three values and paste them in Confluence

  • Fill in the value of "Identity Provider Single Sign-On URL" of okta into "Identity provider SSO URL" of Foxit Admin Console
  • Fill in "Identity Provider Issuer" of okta into "Identity provider Entity ID" of Foxit Admin Console
  • Fill in the value of "X.509 Certificate" of okta to "Public x509 certificate" of Foxit Admin Console

Click Save Configuration at the end of the page

12.png

 

You're all done! If you'd like to Synchronize your User Directory with the Foxit Admin Console, perform these steps: Okta User Sync Configuration

 

4. Help

With help for any of these steps, please contact Microsoft or a more experienced Azure Admin within your organization.

Related articles

Comments

0 comments

Please sign in to leave a comment.