Use this section to see where settings from NetCloud Manager's SSO configuration go in an Okta app, and where settings from the Okta app go in NetCloud Manager's SSO configuration.
These steps assume you have an Okta IdP app ready to integrate with NetCloud Manager. And that you have navigated to the Add/Edit Identity Provider wizard in NetCloud Manager.
Step | Screen Reference |
|---|---|
Copy the URL under ACS URL ID in NCM to the Single sign-on URL field in Okta. This field is in the SAML Settings > General section of the Configure SAML page in Okta. | NetCloud Manager Okta app |
Copy the URL under SP Entity ID to the Audience URI (SP Entity ID) field in Okta. This field is in the SAML Settings > General section of the Configure SAML page in Okta. | NetCloud Manager Okta app |
Scroll to the Attribute Statements section in the Okta app. Add a name for each of these attributes in the Name field. These attributes are used for identifying users. Add these names on the SAML Mappings page in NCM. | Okta app
NetCloud Manager |
(Optional) Use the forcedPermission attribute to set a user's NetCloud Manager role or account. See the Forced Permission Examples section for more information on using the forcedPermission attribute. Add the forcedPermission name on the SAML Mappings page in NCM. NoteUser attributes are evaluated each time the user logs in. This allows administrators to change a user's settings in the IdP app, if necessary. The changed setting is applied the next time the user logs in with SSO. | Okta app NetCloud Manager |
Complete the Okta app. Then open the Okta app to view its settings. | |
Add a name for the SSO configuration in NetCloud Manager. This does not need to be added to the Okta app. | NetCloud Manager |
(Optional) To use Service-Provider (SP) Initiated logins, select Enable SP Initiated Login. | NetCloud Manager |
(Required for SP Initiated logins) Add a unique identifier for your company in the Company Identifier field. Users will enter this value when logging in to NetCloud Manager with the Sign In With SSO button. | NetCloud Manager |
(Required for SP Initiated logins) Add the Okta app's sign-on URL to the Sign-On URL field in NetCloud Manager. This URL comes from your Okta app on the Sign In page in the SAML 2.0 section. You may need to select More Details to see this URL. | NetCloud Manager Okta app |
Go to the the Okta app's Sign On page. Select View SAML setup instructions. | Okta app |
Copy the Identity Provider Single Sign-On URL from the Okta app. Use this for the Identity Provider ACS URL field in NCM. | Okta app NetCloud Manager |
Copy the Identity Provider Issuer from the Okta app. Use this for the Identity Provider Entity ID field in NetCloud Manager. | Okta app NetCloud Manager |
Copy the X.509 Certificate text from the Okta app. Use this for the Certificate Text field in NCM. | Okta app NetCloud Manager |
The Hash Algorithm value in NetCloud Manager must match the Digest Algorithm value in the Okta app. | NetCloud Manager Okta app |