The Okta/Artifactory SAML integration currently supports the following features:
Sign in to Artifactory as an administrator.
Navigate to Admin > SAML SSO:
Under SAML SSO Configuration, enter the following (see screen shot at end of step for reference):
Check Enable SAML Integration.
SAML Login URL: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
SAML Logout URL: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
SAML Service Provider Name: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
SAML Certificate: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
Optional: Check Auto Associate Groups: This should be used in conjunction with the next option below, and also with step 4 later in this doc.
Note: When set, in addition to the groups the user is already associated with, the user will also be associated with the groups returned in the SAML login response. Note that the user's association with the returned groups is not persistent. It is only valid for the current login session.
Optional: Group Attribute: Enter group.
Email Attribute: Enter email.
Optional: Check Auto Create Artifactory Users in order to enable Just In Time (JIT) provisioning.
Optional: Check Allow Created Users Access To Profile Page.
Note: Auto-created users will have access to their profile page and will be able to perform actions such as generate API key.
Optional: Leave Auto Redirect Login Link To SAML Login unchecked.
Note: When set, clicking the login link will direct users to the configured SAML login URL.
Click Save.
Optional: Enable group attribute in Okta as follows:
In Okta, select the Sign On tab for the Artifactory app, then click Edit.
Select your preferred group filter from the dropdown list (the Regex rule with the value ".*" in order to send *all* groups to the Artifactory instance we used in our example).
Click Save.
Done!
Open the Artifactory login URL: https://[yourArtifactoryURL]/webapp/#/login.
Click SAML SSO.