SAML Configuration for Okta

Overview

This guide provides step-by-step instructions for configuring SAML authentication between Okta and D3 vSOC. It includes setting up the SAML app integration in Okta, creating and assigning users, configuring specific parameters for different D3 SOAR versions, and enabling login via Okta to D3 vSOC.

Procedure

Configure SAML in Okta

1. Login to your Okta Portal at <instance>.okta.com.

2. Navigate to Applications > Applications > Create App Integration.

   

3. Select the SAML 2.0 radio option, then click on the Next button.

   

4. Enter a name for your D3 application, then click on the Next button.

   

5. Enter your D3 SOAR URL in the Single sign-on URL field with /login.aspx appended.

READER NOTE

The inclusion of /login.aspx is mandatory. Failure to do so will result in the following error message and associated troubleshooting details.

6. Enter your D3 SOAR URL in the Audience URL (SP Entity ID) field.

   

7. Scroll down to the bottom of the Configure SAML stage, then click on the Next button

8. Click on the Finish button in the Feedback stage.

   

9. Click on the Sign On tab, then click on the View SAML setup instructions button to be redirected to another page containing the Single Sign-On URL and X.509 Certificate.

   

READER NOTE

In Okta, Single Sign-On URL maps to Target URL in D3 vSOC, whilst X.509 Certificate maps to Certificate in D3 vSOC.

7. Store the Identity Provider Single Sign-on URL and the X.509 Certificate for later use when configuring SAML in D3 vSOC.

   

READER NOTE

• If you would like D3 to assist with the setup process, send D3 your SAML setup certificate through a private channel.

• If your organization decides to perform the setup independently, copy Okta’s Single Sign-On URL and the X.509 Certificate into the New Auth form in D3 vSOC. Follow the Login Authentication Configuration Guide for details.

Create Users in Okta

1. Click on the Directory dropdown menu, then click on the People menu item.

2. Click on the Add person button.

   

3. Enter all the input fields within the Add Person form, then click on the Save button.

   

READER NOTE

An activation e-mail will be sent to the user.

Assign Okta User the SAML Integration

1. Click on the Applications dropdown menu, then click on the Applications menu item.

2. Click on the app integration created from the SAML Configuration for Okta section.

   

3. Click on the Assignments tab.

4. Click on the Assign dropdown menu, then select the Assign to People menu item.

   

5. Click on the Assign button in the popup, for the user created in the Create Users in Okta section.

   

6. Enter the primary email for user set in the Create Users in Okta section, then click on the Save and Go Back button.

   

7. Confirm the rendering of the Assigned status, then click on the Done button.

   

READER NOTE

Before proceeding to the next section, ensure that you have:

• Created D3 user accounts (Organization Management > Users > + Add Users). The SAMLEmailIDType configuration key in vSOC’s Application Settings > Web Config determines what your D3 username must be. Depending on its setting, your username could be either your full email address or the local part of your email. Refer to the FAQ section in the Authentication Configuration Guide for more details.

• Assigned login methods to those D3 user accounts (Application Settings > Login Authentication > Users).

READER NOTE

To enable multiple users within your organization to access D3 vSOC, create an Okta user for each individual, and assign them the SAML Integration.

Login to D3 vSOC via Okta

1. Navigate to the General tab.

   

2. Scroll down and copy the Embed Link.

   

3. Paste the Embed Link into a new browser tab and press the Enter.

4. Enter your Okta username and password, then click on the Sign In button.

   

After logging in to Okta successfully, you will be redirected to D3 vSOC.