Step 1: Configure ADAudit Plus in Okta
- Log in to the Okta portal.
- Under the Apps tab, click Add Application → Create New App.
- Select Web as the Platform and SAML 2.0 as the Sign on method, and click Create.
- In General Settings, enter the SAML application name (for example, ADAudit Plus) in the App name field. Upload a logo for the application if needed, and click Next.
- In the Configure SAML section, enter the values for the Single sign-on URL and Audience URI fields.
Note: To find the values for the Single sign-on URL and Audience URI, log in to the ADAudit Plus console, navigate to Admin → Administration → Logon Settings → Single Sign-On. Check the box next to Enable Single Sign-On, and select SAML Authentication → Identity Provider (IdP) → Okta. Copy the ACS/Recipient URL value, and paste it in the Single sign-on URL field. Copy the Issuer URL/Entity ID value, and paste it in the Audience URI field.
- Click Finish.
- Once the configuration is complete, navigate to the Sign on tab to download the identity provider metadata file.
Step 2: Configure Okta in ADAudit Plus
- Log in to the ADAudit Plus web console with admin credentials. Navigate to Admin → Administration → Logon Settings → Single Sign-On. Check the box next to Enable Single Sign-On, and select SAML Authentication.
- Select Okta from the Identity Provider (IdP) drop-down. Under SAML Configuration Mode, select Upload Metadata File. Click Browse and upload the metadata file obtained at the end of Step 1.
- If you want to enable single logout, follow these steps:
  - Copy the Issuer URL/Entity ID and SP Logout URL, and download the X.509 Certificate.
  - Log in to Okta, go to the Configure SAML page, and click Show Advanced Settings.
  - Check the Enable Single Logout option, paste the Issuer URL/Entity ID in the SP Issuer field and the SP Logout URL in the Single Logout URL field.
  - Click Browse next to Signature Certificate, and select the X.509 Certificate you downloaded.
  - Click Upload Certificate.
- Click Save.