To integrate Okta authentication with Valohai using SAML, follow these steps:
Create App Integration in Okta
- Log in to your Okta admin account.
- In the Okta admin dashboard, navigate to “Applications” and click on “Applications.”
- Click the “Add Application” button.
- Search for “SAML 2.0” and select it as the application type.
Configure SAML Settings in Okta
- Page 1:
- Name the app as you like.
- Enable the “Do not display” options because Valohai does not support IdP-initiated logon.
- Page 2:
- Single sign-on URL: Use the ACS URL from Valohai.
- Audience URI (SP Entity ID): Use the Entity ID from Valohai.
- Name ID format: Select “Persistent.”
- Page 2 (Attribute statements):
- Configure attribute statements to map user attributes from Okta to Valohai. Example mappings:
- urn:oid:220.127.116.11 / format: URI / user.firstName
- urn:oid:18.104.22.168 / format: URI / user.lastName
- urn:oid:1.2.840.113522.214.171.124 / format: URI / user.email
- You can include other attributes for mapping, such as team information or any other attributes required for permissions and team assignment.
- Page 3:
- Select “I’m an Okta customer adding an internal app.”
- Choose “This is an internal app that we have created.”
- After the app is created, find the “Identity Provider metadata is available if this application supports dynamic configuration” link, and copy the metadata URL.
Share Metadata URL with Valohai
Share the copied metadata URL with your Valohai Success Manager. They will use this URL to configure the login for your organization on Valohai.