Integrating Bitsight with Okta

Refer to the following guide to integrate the Bitsight platform with Okta using a custom connector. This method allows you to configure the integration to support specific attributes, such as roles and groups, as needed.

• Basic SAML Configuration
• User and Attribute Claims
• Downloading and Uploading Metadata
• Optional Attributes (Not Required)

Additional resources:

• Single Sign-On Setup Using SAML
• User Creation with SAML Enabled
• Disabling SAML

Basic SAML Configuration

1. Single Sign on URL = https://service.bitsighttech.com/saml/acs/GUID
2. Audience URI (SP Entity ID) = https://service.bitsight.com/saml/GUID
3. Name ID format = emailAddress
4. Application username = email

User and Attribute Claims

When entering the user an attribute claims you must select URI. Attribute Statements (optional) the first name space is urn:oid:0.9.2342.19200300.100.1.3 - URI reference - Value = user.email.

1. Enter the claim name for given name and replace with urn.oid.2.5.4.3 mapped to user.firstName
2. Enter the claim name for last name and replace with urn.oid.2.5.4.4 mapped to user.lastName

Although not required for this integration, you can specify additional attributes as outlined in Optional Attributes (Not Required).

Downloading and Uploading Metadata

Once you have configured SAML and saved the steps above, refer to the following instructions to download the metadata XML from Okta and upload it to Bitsight.

1. Select Download Metadata XML under the SAML Sign on Settings category in Okta.
2. On the Bitsight platform, navigate to the SAML page [ Settings ➔ SAML].
3. Select Load from URL from the SAML Metadata for your IdP section.
4. Open the file Downloaded from Step 1.

Optional Attributes (Not Required)

See additional SAML 2.0 attributes that can be specified (full name, user role, and user group). They are optional and not required for this integration.