The Okta/Pritunl SAML integration currently supports the following features:
You first need to create an API token in Okta. In Okta, navigate to Security > API.
Click Create Token, name the token Pritunl, then click Create Token:
Save the token value:
Important: This is the only time you will be able to view the token value.
Log in to your Pritunl account.
Navigate to Settings:
Enter the following (see screenshot at end of step for reference):
Single Sign-On: Select Okta.
Single Sign-On URL: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
SAML Issuer URL: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
SAML Certificate: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
Okta API Token: Paste the token value you saved in step 3:
Click Save:
In Okta, select the Sign On tab for the Pritunl app, then click Edit.
Set the Default Relay State to the address your users will use to access the Pritunl server. For example: https://vpn.example.com.
Click Save:
The following SAML attributes are supported:
Name | Value |
---|---|
username | user.login |
email | user.email |
org | user.organization |
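
To confirm the attribute mapping above, the following added example (not part of the Okta or Pritunl documentation) reads the attribute statement of a decoded SAML assertion and reports which of the expected attributes are absent or empty. The sample assertion and its values are constructed, the function names are hypothetical, and `email` is assumed to be the attribute name sent for `user.email`.

```python
import xml.etree.ElementTree as ET

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Attribute names from the table above and the Okta expression each maps from.
# "email" is an assumed name for the user.email row.
EXPECTED = {"username": "user.login", "email": "user.email", "org": "user.organization"}

# Constructed sample: a decoded assertion reduced to its attribute statement.
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:AttributeStatement>
    <saml:Attribute Name="username">
      <saml:AttributeValue>alice@example.com</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="email">
      <saml:AttributeValue>alice@example.com</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="org">
      <saml:AttributeValue></saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>
"""

def read_attributes(assertion_xml):
    """Return {attribute name: [non-empty values]}. Diagnostic only: no signature check."""
    root = ET.fromstring(assertion_xml)
    found = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", SAML_NS):
        values = [(v.text or "").strip() for v in attr.iterfind("saml:AttributeValue", SAML_NS)]
        found.setdefault(attr.get("Name"), []).extend(v for v in values if v)
    return found

def check_mapping(assertion_xml):
    """List expected attributes that are missing from the assertion or carry no value."""
    found = read_attributes(assertion_xml)
    problems = []
    for name, source in EXPECTED.items():
        if name not in found:
            problems.append(f"{name}: missing (map it to {source})")
        elif not found[name]:
            problems.append(f"{name}: present but empty (check {source} in the Okta profile)")
    return problems

if __name__ == "__main__":
    for line in check_mapping(SAMPLE_ASSERTION) or ["all expected attributes present"]:
        print(line)
```
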
Go to your Pritunl server URL.
Click Sign in with Okta: