
This document shows how to configure SAML-based SSO for Zilla Security using Okta as the IdP (Identity Provider).

Prerequisites

  • You must have an admin account with Zilla Security

  • SSO must not already be configured; if it is, the existing SSO configuration must be deleted using admin settings

  • Okta account with admin privileges

Let us start,

  • Log in to Zilla Security using an admin account and visit the configure SSO page. Check the SAML box and click Configure.

     

  • A SAML config dialog opens.

    It contains all the fields needed for the configuration. Keep this SAML config dialog open, open a new tab and sign in to your organization's Okta account with admin privileges.

  • On the Okta dashboard, switch to Classic UI if you're on Developer UI (if you're not an admin, you will not see these options).

  • Choose Applications → Applications tab

  • Click the Add Application button in the applications view.

  • The add application form provides a search box and a Create New App button. Select Create New App.

  • A pop-up will appear. Select Web as the platform if it is not already selected, and SAML 2.0 as the sign-on method. Click Create.

  • Fill in the General settings by providing the App name as Zilla Security and uploading the App logo from our image assets. Click Next.

  • Next you will see the SAML Settings page.

  • On the SAML Settings page, under the GENERAL section, copy the contents of Zilla ACS URL from the Zilla SAML config dialog and paste them into the Single sign-on URL field of the Okta SAML Settings form.

  • In the Audience URI (SP Entity ID) field of the Okta SAML Settings form, paste the contents of Zilla Entity ID (SP Entity ID) from the Zilla Security SAML config dialog.

    E.g. an account for example.com will have this URL as https://localhost:3000/account/example.com.

  • Note: These URLs change per environment, e.g. for dev the Single sign-on URL would be https://dev.zsec.io/api/auth/sso/saml and the Audience URI (SP Entity ID) would be https://dev.zsec.io/account/example.com


  • Zilla maps Okta users by their email, so we need to set up the email attribute. In the ATTRIBUTE STATEMENTS (OPTIONAL) section, add the following custom profile parameters:

    • Name as email & select user.email as value.

    • Name as firstName & select user.firstName as value.

    • Name as lastName & select user.lastName as value.

    Keep the other options at their defaults and hit the Next button at the bottom of the SAML Settings page.

    On the final feedback page, answer the question "Are you a customer or partner?" by choosing the option "I'm an Okta customer adding an internal app", then click Finish.

  • After finishing, you will see the application. In the sign-on section you will see the message "SAML 2.0 is not configured until you complete the setup instructions." Click the View Setup Instruction button there to open the setup instruction page.

  • Copy Identity Provider Single Sign-On URL from the Okta setup page and paste it into the IDP SSO (Single sign-on) URL field of the Zilla Security SAML config dialog.

  • Copy Identity Provider Issuer from the Okta setup page and paste it into the IDP Entity ID (Issuer) field of the Zilla Security SAML config dialog.

  • Finally, copy X.509 Certificate from the Okta setup page and paste it into the IDP X.509 Certificate field of the Zilla Security SAML config dialog. After this, every field of the SAML config dialog is filled out.

  • Before we proceed to validate, we need to do one final thing on Okta: assign users to this newly added app. Navigate back to the app instance and click Assign → Assign to Group.

    We will assign the app to the group Everyone: click the Assign button and then click Done.

    We are done with the Okta IdP dashboard setup for enabling SSO to the Zilla service. Now click the Validate button.

  • Finally, click Validate in the Zilla Security SAML config dialog. The user will be redirected to OneLogin, and on successful authentication SAML SSO will be successful. Click Next to finish the setup.

  • From now on, any user of your organization who is on Okta and has access to the Zilla Security SAML application on Okta will be allowed to log in.

When you have finished with all the steps above, review the information in Zilla that was synced.
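If validation fails, comparing a captured assertion against the values entered above usually shows which field was pasted wrong. The following check is an added example, not Zilla or Okta code: the issuer value and the sample assertion are constructed placeholders, and the audience and ACS URL are the dev examples from this guide. It compares field values only and does not verify the signature against the IdP X.509 certificate.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# ACS URL and audience are this guide's dev examples; the issuer is a placeholder.
EXPECTED = {
    "issuer": "https://idp.example.test/placeholder-issuer",
    "audience": "https://dev.zsec.io/account/example.com",
    "acs_url": "https://dev.zsec.io/api/auth/sso/saml",
}
REQUIRED_ATTRIBUTES = ("email", "firstName", "lastName")

# Constructed, unsigned sample; lastName is deliberately left out.
SAMPLE_ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Issuer>https://idp.example.test/placeholder-issuer</saml:Issuer>
  <saml:Subject><saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
    <saml:SubjectConfirmationData Recipient="https://dev.zsec.io/api/auth/sso/saml"/>
  </saml:SubjectConfirmation></saml:Subject>
  <saml:Conditions><saml:AudienceRestriction>
    <saml:Audience>https://dev.zsec.io/account/example.com</saml:Audience>
  </saml:AudienceRestriction></saml:Conditions>
  <saml:AttributeStatement>
    <saml:Attribute Name="email"><saml:AttributeValue>jane@example.com</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="firstName"><saml:AttributeValue>Jane</saml:AttributeValue></saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""


def check_assertion(xml_text, expected=EXPECTED):
    """Return a list of mismatches between an assertion and the configured values."""
    root = ET.fromstring(xml_text)
    scd = root.find(".//saml:SubjectConfirmationData", NS)
    found = {
        "issuer": root.findtext("saml:Issuer", default="", namespaces=NS).strip(),
        "audience": root.findtext(".//saml:Audience", default="", namespaces=NS).strip(),
        "acs_url": scd.get("Recipient", "") if scd is not None else "",
    }
    problems = [f"{key}: got {value!r}, expected {expected[key]!r}"
                for key, value in found.items() if value != expected[key]]
    # Zilla maps users by email, so a missing or empty attribute is reported.
    attrs = {a.get("Name"): a.findtext("saml:AttributeValue", default="", namespaces=NS).strip()
             for a in root.iterfind(".//saml:Attribute", NS)}
    for name in REQUIRED_ATTRIBUTES:
        if not attrs.get(name):
            problems.append(f"attribute {name!r} missing or empty")
    return problems


if __name__ == "__main__":
    for problem in check_assertion(SAMPLE_ASSERTION):
        print(problem)
```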

Having trouble? Try our Troubleshooting articles or contact support@zillasecurity.com.
