Versions Compared

Version Old Version 17 New Version 18
Changes made by

Sean McDade

Benoit Desnoyers

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents
minLevel1
maxLevel7
indent10

...

  1. Open the ZPM SP Metadata file you exported in the previous step to get the information required for configuring the required SAML settings in OKTA

...

  1. Image Added

  1. Fill in the Single sign on URL and Audience URI (SP Entity ID) fieldsin OKTAby searching your ZPM SP Metadata file for the values in red below:

    1. Copy the entityID value from the ZPM SP metadata to the Single sign on URL field in OKTA.

      In this example the value is https://stack8-demo.smacs.stack8.com:443/saml/SSO

    2. Copy the </md:NameIDFormat><md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location= value from the ZPM SP metadata to the Audience URI (SP Entity ID) field in OKTA.

      In this example the value is https://stack8-demo.smacs.stack8.com:443/saml/metadata

...

Adding ZPM as a Service Provider (SP) in ADFS using metadata.xml file:

...

  1. Set Name ID format to “Unspecfied”

  2. Set Application username to “User Principal name”

    Image RemovedImage Added

  3. Click Next and then Finish.

    Image RemovedImage Added

Configuring Name Identifier in ADFS

  1. Edit Claim Issuance Policy

  2. Click “Add Rule”

  3. Choose Claim rule template “Send LDAP Attributes as Claims” and click “Next”

  4. Provide a Claim rule name, select the Attribute Store “Active Directory” from the dropdown, provide the UserPrincipalName to Name ID mapping and click “Finish”.

    Image RemovedImage Added

Provide Users Access to the ZPM Application

...

Note

Making changes to the OKTA applications SAML Settings (the steps completed in previous sections) will modify the IDP Metada.

You must re-download the latest IDP Metadata anytime a change is made to these settings.

Go back into ZPM and complete the SAML SSO Configuration

...