In this document, We will see how to configure SAML based SSO for Zilla Security using Okta as IDP ( an Identity Provider )
...
Prerequisites
You must have an admin account with Zilla Security
SSO should not have been configured or SSO configuration must be deleted using admin settings
Okta account with admin privileges
Let us start,
...
Do login into Zilla Security using an admin account, Visit configure SSO page which shall look like following, Check SAML box & click on configure
...
A dialog like following shall open,
...
Setup Instructions
Login to Zilla as an admin and navigate to Settings using the panel on the left side of the UI. Then, in Discovery & Configuration, select Configure under Single Sign-On Provider:
...
Select the SAML option, and click on Configure:
...
You should see the following appear:
...
Keep this SAML Config Dialog open
...
and open a new tab
...
. Sign into your
...
organization’s Okta account with admin privileges.
On the Okta dashboard
...
, switch to Classic
...
UI if you’re on the Developer UI (If
...
you are not logged in as an admin, you will not see these options)
...
Choose Applications → Applications tab:
...
Click on Add Application button on applications view:
...
The add application form will provide search box & Create New App buttons select Create New App
...
...
A pop up will appear
...
. Select Web as
...
the platform if not already selected
...
and SAML 2.0 as the sign-on method. Click Create.
...
Fill in the General settings
...
. Make the App Name: Zilla Security. You can also upload an App logo from our image
assets, Click Next
...
You
...
should now see
...
the SAML Settings Page,
...
Here, under the GENERAL section, copy
...
the Zilla ACS URL and Audience URI from the Zilla SAML config
...
into the Single
...
Sign-
...
...
On URL and Audience URI fields of Okta SAML Settings form
...
e.g. An account for example.com will have this URL as https://localhost:3000/account/example.com.
...
Note: These URLs will change per environment e.g. for dev Single sign-on URL would behttps://dev.zsec.io/api/auth/sso/saml & Audience URI ( SP Entity Id ) would behttps://dev.zsec.io/account/example.com
After filling above information you shall see output as follows,
...
...
Zilla maps Okta users
...
using their email address,
...
hence, we will need to set up an email attribute.
...
In the ATTRIBUTE STATEMENTS (OPTIONAL) section, add the following custom profile parameters
...
Name as email & select user.email as value.
...
Name as firstName & select user.firstName as value.
...
:
...
Keep the other options
...
as their default
...
and hit the Next button on the bottom of the SAML Settings page.
...
On the final feedback page answer, answer the question “Are you a customer or partner?” by choosing option “I'm an Okta customer adding an internal
...
app”, then click Finish.
...
After you finish, you will see the application in the sign-on section
...
. It should say “SAML 2.0 is not configured until you complete the setup instructions.” Click the View Setup Instruction button
...
.
...
The Setup instruction page may will look like following,:
Copy Identity Provider Single Sign-On URL from the Okta setup page & paste into Zilla Security SAML config dialogs IDP SSO (Single sign-on) URL field
Copy Identity Provider Issuer from the Okta setup page & paste into Zilla Security SAML config dialogs IDP Entity ID (Issuer) field
Finally, Copy X.509 Certificate from the Okta setup page & paste into Zilla Security SAML config dialogs IDP X.509 Certificate field after filling out everything the SAML config dialog shall look like following
Now before Before we proceed to validate, we need to do one final thing on in Okta, . We will need to assign users to this newly added app, . Navigate back to app instance click on Assign → Assign to Group
...
We will assign the app to group Everyone click . Click on the Assign button & then click on Done.
...
We are done with the Okta Idp dashboard setup for enabling SSO to Zilla Service. Now click on the Validate button.
...
Finally, click on Validate to Zilla Security SAML config dialog user will be redirected to OneLogin & on successful authentication SAML SSO will be successful. Click on Next for finishing the setup.
...
...
can now Validate the Integration inside of Zilla:
...
You should see a green success button appear.
...
Now, any reviewers, technical owner, or app owners will be able to login to Zilla to see the apps and reviews they are assigned to.
| Include Page | ||||
|---|---|---|---|---|
|