Skip to main content

SAML Authentication Settings with Okta

SAML Authentication Settings with Okta


IdP-initiated SAML

Specify urn:oasis:names:tc:SAML:2.0:nameid-format:persistent for the format and Persistent Identifier for the value. For attribute mapping, provide the user’s email address as “email”.

This document outlines the steps to set up SAML authentication with the Okta.

  • Adding and Configuring an Application on Okta
  • DeployGate Settings

Okta Settings

Log in to Okta and proceed to the Admin Dashboard.

Add Application

Select Add Applications from the Admin Dashboard.

ScreenShot of SAML Okta

Click the Create New App button.

ScreenShot of SAML Okta

In the pop-up, select SAML 2.0 and click the Create button.

ScreenShot of SAML Okta

SAML Integrationの作成

In General Settings, enter "DeployGate" in the App name field.

ScreenShot of SAML Okta Please download the following image and use it as the App Logo.

DeployGate Logo

Input SAML Settings

ScreenShot of SAML Okta

Enter the following information into the SAML Settings.

ItemValue
Single sign on URLhttps://deploygate.com/saml/acs
Audience URI (SP Entity ID)Please obtain this information from DeployGate’s screen.
Default RelayStatePlease obtain this information from DeployGate’s screen. As of July 2021, it will be displayed with the following format.
e.g. s;;

For all other fields, please use the default values. Click Next when you’re done.

Feedback Settings

Select I'm an Okta customer adding an internal app and click Finish. Other fields can remain blank.

ScreenShot of SAML Okta

Obtaining Settings

When finished, select View Setup Instructions to obtain the settings to be entered into DeployGate.

ScreenShot of SAML Okta

Identity Provider Single Sign-On URL and Identity Provider Issuer values should be copied or written down.

ScreenShot of SAML Okta

X.509 Certificate Is also required for the following steps.

ScreenShot of SAML Okta

Set up accounts in Assignments

Next, go to Assignments to set up user assignments. At a minimum, the individual who is configuring all these settings must have their account assigned. Otherwise, they will not be able to complete the setup in DeployGate.

ScreenShot of SAML Okta

In Assign, select and add People or Groups, depending on who you would like to be able to use DeployGate.

ScreenShot of SAML Okta

Assign Everyone to make it available to all users. (*opctional)

ScreenShot of SAML Okta

When you’ve confirmed that the assignments were successfully added, proceed to DeployGate’s Settings.

ScreenShot of SAML Okta

DeployGate Setting

Open the DeployGate Enterprise Admin Console and select Enable SAML authentication button.

ScreenShot of SAML Okta

Enter authentication settings

Enter the required information into the authentication settings wizard and click save and continue button.

ScreenShot of SAML Okta

ItemDescription
dp nameOkta (or your choice of name)
ldp entity idThe Identity Provider Issuer obtained earlier
Idp sso target urlIdentity Provider Single Sign-On URL obtained earlier
ldp certificateThe X.509 Certificate obtained earlier
When uploading the certificate, if you’re unable to select the file, you have two options to set it up. You can either change the extension of the downloaded certificate file to .pem or drag and drop the file directly to the Choose File button.

Verifying the settings information

Once saved, the information to be entered into Okta will be displayed. Please ensure that the displayed information (especially RelayState) is identical to the previously configured information. If you’re satisfied that the information is correct, click the Enable SAML authentication button.

Steps to take immediately after enabling authentication
  • After clicking on the “Enable SAML authentication” button, you will be redirected to Okta for authentication. You will also be prompted to log in to DeployGate again for confirmation.
  • If you log in with the email and password of the current account, you will be logged out and the configuration will be completed.

These steps complete the configuration process. Once finished, please use DeployGate’s Login with SAML authentication or Okta’s Applications selection to log in.

Troubleshooting

In the case of showing “Sorry, you can’t access…” error after enabling SAML authentication

ScreenShot of SAML Okta

This error appears when People/Groups are not assigned in the Application section of Okta. Please follow the steps outlined in the Set up accounts in the Assignments section above.