Single Sign-On (SSO) Integration with Okta

By Anonymous -
This post is based on a source article by Anabel Perez (link).
CentreStack-Okta-Comp-TR

 Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials (e.g. name and password) to access multiple applications.

 Okta is the foundation for secure connections between people and technology. It’s a service that gives employees, customers and partners secure access to the tools they need to do their most important work. (Okta FAQ: https://www.okta.com/faq/)

 If a user already exists in Okta, SSO can be used to authenticate it in CentreStack.

The following guide should help you integrate Okta SSO into your CentreStack installation.
 https://www.centrestack.com/

 1. CentreStack Single Sign-On URL
Single Sign-On information is located in two places:
  • From the Cluster Management Console, go to the Control Panel view and choose Single Sign-On.
Control Panel SSO
  • From the Tenant Management Console, go to the Group Policy view, and choose Single Sign-On settings there.
 Group Policy SSO
  • In the Single Sing-On view, copy the “Access service provider meta data using the following link:” and Check the box under “Enable SAML Authentication”.
SSO metadata
  • This Link or Entity ID will be used in the Okta configuration page as shown below:
Metadata

 2. General settings
In the Okta web portal, specify the following settings:
  • a. Single Sign On URL and Audience URI (SP Entity ID)
    • Use the Entity ID value copied in the step above. (Make sure to enable the option: Use this for Recipient URL and Destination URL)
  • b. Name ID Format
    • EmailAddress
  • c. Response
    • Unsigned
  • d. Signature Algorithm and Digest Algorithm
    • SHA1 (This provides the most compatibility because CentreStack was developed on  Microsoft’s .Net platform)
Okta Settings General

 3. Creating Attributes
In the Attribute Statements section, create 3 attributes to match the 3 Parameter defined in the CentreStack SSO configuration page:
  • a. user
    • email (IdP Email Parameter)
  • b. user
    • firstname (IdP Given Name Parameter)
  • c. user
    • lastname (IdP Surname Parameter)
Okta Settings Attributes

 4. Identity Provider IdP Information
Once all the settings are filled in and the SAML 2.0 application is created in Okta, access the “Sign On” tab and click on “View Setup Instructions”.
Okta Settings SO

 Take the following two settings from this page and copy them to the SSO configuration on the CentreStack side.
  • a. Identity Provider Single Sign-On URL (IdP End Point URL)
  • b. Provide the following IDP metadata to your SP provider (IdP Meta Data)
Okta Settings SAML 1

 5. How to login
After applying the changes in the SSO page in the CentreStack web portal, you can test the integration.
  • a. From CentreStack
    • In the CentreStack login page, you will see the Okta Single Sign On text. When clicked, you will log in at Okta and redirected back to CentreStack to access your data.
Login
  • b. From Okta
    • Once you are logged in on the Okta website, you can see all of the connected applications. Click the CentreStack application to access your data on CentreStack.
Login Okta side






















Comments

Post a Comment

Popular posts from this blog

Access and Backup to HP Cloud Storage

By -
Image
Today HP moved its cloud services to public beta. Gladinet has been working closely with HP Cloud Service since private beta to provide product integration support. Gladinet is also announcing today the support of HP Cloud Storage service with the full Gladinet Suite of products. In the latest Gladinet Desktop Client, you will see the HP Cloud drop down, which allows you to attach your HP Cloud Storage account into Windows Explorer as a mapped network drive. At the next screen, you can enter the related HP Cloud account information.
Read more

7 Biggest Limitations of SharePoint Online And How to Fix Them

By Anonymous -
Image
SharePoint benefits encourage businesses to migrate their file server data online. However, there are at least 7 limitations of SharePoint Online and OneDrive that need to be effectively addressed to reduce migration costs and eliminate OneDrive sync failures. In this article, we'll identify some of the common issues that complicate SharePoint migrations and ways to simplify the migration and solve the issues. Here's a list of common issues: 5,000 item limit in a document library 100,000 item sync limit for the OneDrive client NTFS permission reorganization requirements Maximum name length limitations Prohibitive costs of data reorganization 93 day recycle bin threshold Lack of support for legacy application data (databases, etc…) Obviously, you may not hit every issue in each migration but migrator beware if there's a lack of awareness of how these limitations could impact user experience, productivity, and cost. A Real-World Example Before we discuss each of these items...
Read more

Optimizing 3D Rendering and AutoCAD Performance in Remote Work Environments

By -
Image
Introduction: The Challenge of Remote Work Whether you are a design company or an architecture firm , you'll find that managing large 3D and AutoCAD files across remote team members creates performance and collaboration issues. This article introduces CentreStack as the one-stop solution for transforming your remote work experience. Identifying the Obstacles in Remote 3D Rendering and AutoCAD Usage The Challenge of Distance Data must traverse long distances when working in separate locations, introducing latency issues that hamper real-time collaboration. The Burden of Growing Files Technological advancements in 3D rendering tools and AutoCAD have led to larger file sizes, making performance even more of a challenge. The Downside of VPNs and Cloud Storage Solutions Traditional VPN technology has become more sluggish over time despite hardware upgrades or additional bandwidth. Common cloud services like Dropbox, Google Drive, and SharePoint aren't optimized for AutoCAD file typ...
Read more