Okta

How to Configure SAML 2.0 for Code42

Read this before you enable SAML

Code42 supports an SP-initiated SAML flow. For the convenience of your end users, Okta recommends that you hide the Code42 app and set up a Bookmark app with the Code42 logo after you complete this SAML setup. For instructions on setting up a Bookmark app and hiding the original app, see Simulating an IDP-initiated Flow with the Bookmark App.

Two-way communication on TCP ports 80 and 443 between the Identity Provider and Code42 Master Server is required. The Service Provider (Code42) and Identity Provider (Okta) must be able to communicate with each other to perform metadata exchange.

Contents

Supported Features

The Okta/Code42 SAML integration currently supports the following features:

Configuration Steps

  1. Sign in to Code42 with administrator privileges. Go to Settings > Security, select the Single Sign-On tab, then select Add Identity Provider or Federation as shown below:

    CrashPlanProeNew1.png

  2. The Identity Provider screen appears.

  3. Enter the following Identity Provider metadata URL, then click Continue.

    Sign in to the Okta Admin app to have this variable generated for you

    CrashPlanProeNew2.png

  4. The Identity Provider additional settings screen appears (see screen below). Enter the following:

    • Display Name: Okta.

    • Make sure the Use default mapping checkbox is selected.

    • Click Save.

      CrashPlanProeNew3.png

  5. In the left navigational menu, select Settings > Server. Then in the Server Settings pane that subsequently opens, copy the value from the Website protocol, host and port field:

    CrashPlanProeNew4.png

  6. In Okta, go to the General tab for the Code42 app, as shown below. Paste the information you copied in the last step into the Server URL field.

    Important:
    • If the port number is not 4285, you must paste in the value and, if necessary, change the last four digits to 4285.
    • You must change your protocol to https. If this is not the current protocol, change it within the Server Url field.

    CrashPlanProeNew5.png

  7. You can enable Okta SAML SSO in Code42 globally, or for a particular organization.

    • To enable globally, follow step 8 below then continue to step 10.
    • To enable for a particular organization, follow step 9 then continue to step 10.
  8. To set SAML authentication globally for all organizations:

    1. Select the Settings > Organization > Security tab.

    2. For Select an authentication method: Select SSO.

    3. For Choose provider(s): Select Okta.

    4. Select Save.

      CrashPlanProeNew6.png

  9. To set SAML authentication for a particular organization:

    1. Select Organizations.

    2. Click an organization name. In the example below, the organization name is OktaTest.

      CrashPlanProeNew7.png

    3. In the screen that opens for your selected organization, select the gear icon at the top right, as shown below; then select Edit on the menu that appears:

      CrashPlanProeNew8.png

    4. For Select an authentication method: Select SSO.

    5. For Choose provider(s): Select Okta.

      CrashPlanProeNew9.png

  10. Done!

Notes

The following SAML attributes are supported:

SP-initiated SSO

Go to your server URL and select the Sign in using Single Sign-On hyperlink on the sign in screen, as shown below:

“CrashPlanProeNew10.png"