This article describes how to configure Okta as the identity provider to Brightidea. This configuration provides a streamlined device enrollment experience using Okta's extensible multi-factor authentication within Brightidea, resulting in a consistent and familiar login experience for end users and administrators.
Getting Started
First, we'll gather some necessary information from your Brightidea system.
- Within Brightidea, navigate to System Setup > Access > SAML Profiles
- Copy the information under Service Provider Info and/or download the metadata file. This information will be used within the OKTA interface to establish the connection with Brightidea.
Create a new SAML app in Okta
If you use the Okta developer dashboard, switch to the Classic UI first. If you see a <> Developer prompt in the top left, click it and select Classic UI to switch to the Classic UI. Use the Classic UI for all the Okta tasks in this document.
- In the Admin Console, go to Applications > Applications.
- Click Create App Integration.
- Select SAML 2.0.
- Click Next.
- In General settings, enter an App name (for example, Brightidea SAML).
- Click Next.
- In SAML Settings, configure the following:
Option | Description |
---|---|
Single sign on URL | Paste the Assertion Consumer Service URL that you copied from your Brightidea System Setup. |
Audience URI (SP Entity ID) | Paste the entityID that you copied from your Brightidea System Setup. |
Name ID format | Select Unspecified. |
Application username |
Select Okta username. This maps to User Principal Name(UPN) in Workspace ONE. |
-
Click Next.
-
Select I'm an Okta customer adding an internal app.
-
Select This is an internal app that we have created.
-
Click Finish.
-
In the Settings section of the Sign On tab, locate and copy the URL for Identity Provider metadata.
- Save the metadata for use in Brightidea configuration (see below)
Complete creating a new Identity Provider in Brightidea
Follow the SSO Setup Guide to finalize the configuration in Brightidea
Assign the app to end users in Okta
After completing the setup, return to the Okta org and assign the newly created Brightidea application to end users. At first, assign the application to a few end users and then test the integration. For details, see Assign app integrations.
Comments