The current Okta Catalog Connector is deprecated, as the endpoints are now different. Please see Getting started (Custom) in the documentation below.
Refer to the following guide to integrate the Bitsight platform with Okta, or use a custom connector if additional attributes, such as roles and groups, are needed. A Bitsight catalog application for Okta is available; to find it, add a new application and search for “Bitsight.”
- Getting Started
- Basic SAML Configuration
- User and Attribute Claims
- Downloading and Uploading Metadata
- Optional Attributes (Not Required)
Additional resources:
Getting Started
Catalog App
- Navigate to your Admin instance on the Okta dashboard
- Applications
- Search Application
- Bitsight - Add
- Audience Restriction = https://service.bitsighttech.com/saml/metadata/
- Save
Custom Application
- Navigate to your Admin instance on the Okta dashboard
- Applications
- Create New Application
- Platform = Web
- New Application = SAML 2.0
Basic SAML Configuration
- Single Sign on URL = https://service.bitsighttech.com/saml/acs/GUID
- Audience URI (SP Entity ID) = https://service.bitsight.com/saml/GUID
- Name ID format = emailAddress
- Application username = email
Your unique identifier can be found in your account under the SAML settings URLs.
Detail | Contents |
---|---|
Identifier (Entity ID) | https://service.bitsight.com/saml/GUID |
Reply URL (Assertion Consumer Service URL) | https://service.bitsighttech.com/saml/acs/GUID |
User and Attribute Claims
When entering the user and attribute claims, you must select URI. Under Attribute Statements (optional), the first name is urn:oid:0.9.2342.19200300.100.1.3, with name format URI Reference and value user.email.
- Enter the claim name for given name and replace it with urn:oid:2.5.4.3, mapped to user.firstName
- Enter the claim name for last name and replace it with urn:oid:2.5.4.4, mapped to user.lastName
Claim Name | Value |
---|---|
urn:oid:2.5.4.3 | user.firstName |
urn:oid:2.5.4.4 | user.lastName |
urn:oid:0.9.2342.19200300.100.1.3 | user.email |
Although not required for this integration, you can specify additional attributes as outlined in Optional Attributes (Not Required).
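The following check is an added example, not part of the Bitsight or Okta documentation. It inspects a SAML assertion, such as one copied from a preview of the configured application, for the NameID format, audience, and three attribute claims listed above. The function names and sample assertion are constructed for illustration; the check does not verify the assertion's signature.

```python
import xml.etree.ElementTree as ET
NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
URI_FORMAT = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
UNSPECIFIED = "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"
EMAIL_NAMEID = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
AUDIENCE = "https://service.bitsight.com/saml/GUID"  # GUID placeholder as on the page
REQUIRED_CLAIMS = {  # claim name -> Okta value, from the table above
    "urn:oid:2.5.4.3": "user.firstName",
    "urn:oid:2.5.4.4": "user.lastName",
    "urn:oid:0.9.2342.19200300.100.1.3": "user.email",
}

def check_assertion(xml_text, expected_audience=AUDIENCE):
    """Return a list of configuration problems; an empty list means none found."""
    root = ET.fromstring(xml_text)  # input is your own preview, not network data
    problems = []
    name_id = root.find(".//saml:Subject/saml:NameID", NS)
    if name_id is None or name_id.get("Format") != EMAIL_NAMEID:
        problems.append("NameID format is not emailAddress")
    audiences = [(a.text or "").strip() for a in root.iterfind(".//saml:Audience", NS)]
    if expected_audience not in audiences:
        problems.append(f"Audience {audiences} does not include {expected_audience}")
    attrs = {a.get("Name"): a for a in root.iterfind(".//saml:Attribute", NS)}
    for name, okta_value in REQUIRED_CLAIMS.items():
        attr = attrs.get(name)
        if attr is None:
            problems.append(f"missing claim {name} ({okta_value})")
        elif attr.get("NameFormat") != URI_FORMAT:
            problems.append(f"claim {name} is not name format URI Reference")
        elif not (attr.findtext("saml:AttributeValue", "", NS) or "").strip():
            problems.append(f"claim {name} has an empty value")
    return problems

def sample_assertion(last_name_format=URI_FORMAT):
    """Constructed assertion (not real Okta output) for exercising the check."""
    def attr(name, fmt, value):
        return (f'<saml:Attribute Name="{name}" NameFormat="{fmt}">'
                f'<saml:AttributeValue>{value}</saml:AttributeValue></saml:Attribute>')
    return (f'<saml:Assertion xmlns:saml="{NS["saml"]}"><saml:Subject>'
            f'<saml:NameID Format="{EMAIL_NAMEID}">jane@example.com</saml:NameID>'
            '</saml:Subject><saml:Conditions><saml:AudienceRestriction>'
            f'<saml:Audience>{AUDIENCE}</saml:Audience></saml:AudienceRestriction>'
            '</saml:Conditions><saml:AttributeStatement>'
            + attr("urn:oid:2.5.4.3", URI_FORMAT, "Jane")
            + attr("urn:oid:2.5.4.4", last_name_format, "Doe")
            + attr("urn:oid:0.9.2342.19200300.100.1.3", URI_FORMAT, "jane@example.com")
            + '</saml:AttributeStatement></saml:Assertion>')

if __name__ == "__main__":
    print(check_assertion(sample_assertion(UNSPECIFIED)))
```

Replace the GUID placeholder in `AUDIENCE` with the identifier from your account's SAML settings before checking a real assertion.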
Downloading and Uploading Metadata
Once you have configured SAML and saved the steps above, refer to the following instructions to download the metadata XML from Okta and upload it to Bitsight.
- Select Download Metadata XML under the SAML Sign on Settings category in Okta.
- Select Load from URL from the SAML Metadata for your IdP section.
- Open the file downloaded in Step 1.
Optional Attributes (Not Required)
See additional SAML 2.0 attributes that can be specified (full name, user role, and user group). They are optional and not required for this integration.
- October 12, 2021: Added directory to sections.
- June 21, 2019: Published.