Configuring Okta as the Identity Provider

Configuring Okta as the Identity Provider


Role Required: SDAdmin

  1. Log in to your Okta domain.
  2. Go to the Applications > Add Application.

  1. Click Create New App.

  1. From the displayed dialog box, choose SAML 2.0 as the sign-on method.
  2. Click Create.

  1. In the next window, provide a Name for your application.
  2. Upload the Logo of the application and click Next.

  1. In the displayed page, enter the Assertion Consumer URL of AssetExplorer under Single Sign-On URL.
  2. Enter the Entity ID in the Audience URI field and choose transient as the Name ID format. Currently, AssetExplorer supports Transient, Persistent, and Email Address as Name ID formats.
  3. To log in using your username and domain, select Transient or Persistent.
  4. To log in using your email address, select Email Address.
  5. Select the Application username from the drop-down menu. Login names of new users will be mapped based on the specified format. If the user belongs to a domain, Okta will use the <domain name\user name> format.
  6. Click Advanced Settings.

  1. To enable the SAML logout service, select Allow the application to initiate Single Logout.
  2. Provide the Single Logout URL and add the entity ID in SP Issuer.
  3. In Signature Certificate field, click Browse and upload the SP Certificate of AssetExplorer.
  4. Click Next.

  1. Choose the option, I'm a Software Vendor. I'd Like to integrate my app with Okta.
  2. Click Finish.

  1. Go to the Sign On tab and click View Setup Instructions.

  1. Another tab with the IdP configurations such as Login URL (Single Sign-On URL), Logout URL (Single Logout URL), and the certificate file will be displayed. Use these to integrate with the IdP.

  1. Assign the application to people/groups from the Assignments tab, as shown below.


You have now configured AssetExplorer as a service provider in Okta.

Go to the SAML configuration page in AssetExplorer and provide the IdP details to complete the integration.
    • Related Articles

    • Configuring G Suite as the Identity Provider

      Role Required: SDAdmin Log in to Google Workspace. Go to Apps > Web and mobile apps. Click Add app > Add custom SAML app. Provide the App name and Description. Upload the App icon and click Continue. On the displayed page, download the certificate ...
    • Configuring ADFS 3.0 as the Identity Provider

      Role Required: SDAdmin Before you start the configuration process, make sure that the AssetExplorer application is running in the HTTPS mode. Then, configure AssetExplorer as a Relying Party Trust (RPT). This can be done either manually or using the ...
    • Configuring OneLogin as Identity Provider

      Role Required: SDAdmin Log in your OneLogin domain and click Applications under the Applications tab. In the displayed page, click Add App. Search for SAML from the search box and select SAML Test Connector (Advanced) from the search results. Provide ...
    • Configuring SAML in AssetExplorer

      Role Required: SDAdmin Go to Admin > Organizational Details > SAML Single Sign-On. In the configurations tab, you will find two sections: Service Provider Details and Configure Identity Provider Details. Service Provider Details Under the Service ...
    • Configure Azure as the Identity Provider

      Role Required: SDAdmin Follow the steps below to configure AssetExplorer as a service provider in Azure. Before configuring, ensure that the AssetExplorer runs in HTTPS mode. Log in to your Azure domain. Under Azure Services, click Enterprise ...