Configuring Okta for SAML-SSO in AppScan Enterprise

You can configure Okta as an Identity Provider (IdP) for user authentication service that supports the SAML-SSO login method for both cloud-based and on-premise AppScan Enterprise application login. The Okta seamlessly integrates with the AppScan Enterprise user database directories such as Active Directory or LDAP.

Before you begin

  • You must be an AppScan Enterprise administrator to configure the Okta as an IdP for SAML-SSO.
  • You must be an Okta administrator.
  • You must noted the URLs you have configured in the SAML properties file for Okta.
  • You must have completed the following tasks:

Procedure

  1. Open the Okta application page by using the Okta application URL in a browser.
    The Okta login page is displayed.
  2. Log in to the Okta account as an administrator.
    The Okta Dashboard page is displayed.
  3. Click Application from the Applications menu.
    The Application page is displayed.
  4. Click the Add Application tab.
    The Add Application tab is displayed.
  5. Click the Create New App button.
    The Create a New Application Integration dialog box is displayed.
  6. Select Web in the Platform drop-down list.
    You must select this option when the application you are configuring for SAML authentication is offered as a web-based application platform.
  7. Click SAML 2.0 in the Sign on method section.
    The SAML version you select should be supported by AppScan Enterprise application you are integrating with Okta.
  8. Click Create.
    The new application creation page is displayed.
  9. Under the General Settings tab, perform the following steps:
    1. Enter a unique name you want to be displayed to represent AppScan Enterprise application icon on the Okta page in the App Name field.
      For example: You can define the name as ASE-SSO.
    2. Click Browse to select an icon that represents the AppScan Enterprise product logo in the App logo (optional) field, if required. The product logo or icon you select is displayed in preview.
    3. Choose an appropriate check box according your requirement in the App visibility section.
  10. Click Next.
    The Configure SAML page is displayed.
  11. You must enter values in the Single sign on URL and Audience URI (SP Entity ID) fields with the URLs you have configured in the SAML properties file for Okta. The syntax of the URLs you enter in these fields are as follows:
    • Single sign on URL: <ASE url>/api/saml. For example: https://160.161.162.163:9443/api/saml. Where, 160.161.162.163 is the hostname of the AppScan Enterprise URL and 9443 is the port number for SAML communication.
    • Audience URI (SP Entity ID): <ASE url>/metadata.jsp.
  12. Confirm the URLs and click Next to continue.
    The Feedback tab is displayed.
  13. Click I'm an Okta customer adding an internal app in the Are you a customer or partner? section.
  14. Select This is an internal app that we have created check box.
  15. Click Finish. The AppScan Enterprise application configuration page is displayed.

Results

The AppScan Enterprise is configured to Okta for SAML-SSO user authentication service.

What to do next

You must now complete the setup based on the View Setup instructions available on the AppScan Enterprise application you have integrated in Okta. See, Updating Okta Token certificate and Custom properties for SAML