Okta

How to Configure SAML 2.0 for Luminate Secure Access Cloud


Read this before you enable SAML

Luminate Secure Access Cloud™ securely connects any user from any device, anywhere in the world to corporate resources hosted on-premises or in the cloud.

To configure and enforce access policies for Okta-based identities, Luminate uses Okta's API to get users and groups from Okta (during policy assignment and calculation).


Supported Features

The Okta/Luminate Secure Access Cloud SAML integration currently supports the following features:

For more information on the listed features, visit the Okta Glossary.


Configuration Steps

  1. In Okta, navigate to Admin > Security > API > Tokens.

  2. Click Create Token.

  3. Enter a name for the token, then click Create Token.

  4. Make a note of the Token value.

  5. Click OK, got it.

  6. Log in to the Luminate Secure Access Cloud Admin Portal interface as an administrator.

  7. Navigate to Directory > Identity Providers.

  8. Click Add Identity Provider.

  9. Select the Okta option.


  10. A Create New Okta Identity Provider form opens. Enter the following:

    • Name: Enter Okta.

    • Okta Organization: Enter your Okta subdomain, then select your Okta domain from the dropdown list.

      For example, if you log into https://acme.okta.com/, your Okta Organization value is acme and your Okta domain is okta.com.

    • API Token: Enter your Token value from step 4.

    • Identity Provider Single Sign-On URL: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • X.509 Certificate: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.
    • Domain Aliases: Enter a required domain alias.

      For example, if your Okta email address is john.smith@acme.com, your Domain Alias is acme.com.

    • Click Save.


  11. Click the Instructions icon.

  12. Make a note of the Single sign on URL and Audience URI (SP Entity ID) values.

  13. In Okta, select the Sign On tab for the Luminate Secure Access Cloud SAML app, then click Edit.

    • Scroll down to the ADVANCED SIGN-ON SETTINGS section.

    • Enter the Single sign on URL and Audience URI (SP Entity ID) values (step 12) into the corresponding fields.

    • Click Save.


  14. Done!
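
A pre-flight check for the values entered in step 10, as an added example that is not part of the original Okta or Luminate documentation: it derives the Okta Organization, Okta domain and Domain Alias from a login URL and email address, and flags an SSO URL or certificate that looks mis-pasted. The function names, the `OKTA_DOMAINS` list (a guess at the dropdown contents), the sample SSO path and the rule that the SSO URL sits on the org host (no custom Okta domain) are assumptions; the certificate check is structural only and does not verify expiry or trust.

```python
import ssl
from urllib.parse import urlsplit

# Assumption: domains offered in the dropdown; edit to match what the form shows.
OKTA_DOMAINS = ("okta.com", "oktapreview.com", "okta-emea.com")

def split_okta_org(login_url):
    """'https://acme.okta.com/' -> ('acme', 'okta.com')."""
    url = urlsplit(login_url)
    sub, _, domain = (url.hostname or "").lower().partition(".")
    if url.scheme != "https" or not sub or domain not in OKTA_DOMAINS:
        raise ValueError(f"not an Okta org URL: {login_url!r}")
    return sub, domain

def domain_alias(email):
    """'john.smith@acme.com' -> 'acme.com'."""
    local, at, domain = email.strip().rpartition("@")
    if not (local and at and "." in domain):
        raise ValueError(f"not an email address: {email!r}")
    return domain.lower()

def check_idp_form(login_url, sso_url, cert_pem, email):
    """Return (form_values, problems) for the step 10 fields."""
    org, domain = split_okta_org(login_url)
    values = {"Okta Organization": org, "Okta domain": domain,
              "Domain Aliases": domain_alias(email)}
    problems = []
    sso = urlsplit(sso_url)
    if sso.scheme != "https":
        problems.append("SSO URL is not https")
    # Assumption: no custom Okta domain, so the SSO URL lives on the org host.
    if (sso.hostname or "").lower() != f"{org}.{domain}":
        problems.append("SSO URL host is not the Okta org host")
    try:
        der = ssl.PEM_cert_to_DER_cert(cert_pem.strip())
        if der[:1] != b"\x30":  # DER certificates start with a SEQUENCE tag
            raise ValueError("not DER")
    except ValueError:
        problems.append("X.509 certificate is not a complete PEM block")
    return values, problems

# Constructed sample input: a tiny DER SEQUENCE wrapped as PEM, not a real cert.
SAMPLE_PEM = ssl.DER_cert_to_PEM_cert(b"\x30\x03\x02\x01\x00")
SAMPLE_SSO = "https://acme.okta.com/app/example/sso/saml"  # constructed path

if __name__ == "__main__":
    print(check_idp_form("https://acme.okta.com/", SAMPLE_SSO, SAMPLE_PEM,
                         "john.smith@acme.com"))
```

The API token from step 4 is deliberately not an input here; keep it out of scripts and shell history and paste it only into the form.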


Notes

The following SAML attributes are supported:

SP-initiated SSO

  1. Open your Luminate Secure Access Cloud login URL.

  2. Enter your email address into the corresponding field.

  3. Click the submit (>) button.
