›  Dashboard  ›  Configure  ›  Single sign-on authentication  ›  Using Okta

Single sign-on authentication within Cloud Backup using Okta

On this page

Setup flow

# Step Description
1 Turn SSO on Turn SSO on in the Infrascale Dashboard
2 Set SSO scope Select accounts to apply SSO for
3 Create SSO app Set up and configure Okta app for SSO
4 Configure SSO Choose SSO configuration method and provide configuration details

Turn SSO on

To set up SSO, you need to turn it on first in the Infrascale Dashboard. For this:

  1. Sign in to the Infrascale Dashboard.

    Use an account with the administrator role.

  2. In the menu, go to SettingsSingle Sign-On.

    Menu item

    The SSO settings page opens.

  3. Select Enable Single Sign-On (SSO) to expand configuration settings.

    Configuration settings include the following groups:

    Group Description
    Enable SSO for This group of settings lets you set the SSO scope—that is, to select the predefined account groups and to specify individual accounts to apply SSO for
    Service Provider Settings This group includes settings to use when creating SSO app in Okta
    Identity Provider Settings This group of settings lets you choose how to configure SSO and provide configuration details

    SSO settings

Continue with setting the SSO scope.

Set SSO scope

You can set the scope of SSO—that is, to select accounts to apply SSO for.

To map accounts, account names on the service provider side (that is, within the Infrascale services) must match the account emails on the Okta side.

In the Enable SSO for group, select one or more available account groups:

  • Dashboard admins to enable SSO for the Infrascale Dashboard accounts with the administrator role;

  • All backup accounts to enable SSO for all backup accounts;

  • Individual accounts to enable SSO only for specific Infrascale accounts.

    Enter one or more account usernames separated by comma, space, or semicolon.

SSO scope

Continue with creating an SSO app in Okta.

Create SSO app

  1. In the Okta Admin Console, go to ApplicationsApplications.

  2. Click Create App Integration.

    Create app integration

    The sign-in method dialog opens.

  3. Select SAML 2.0 as the sign-in method, and then click Next.

    Sign-in method

    The app integration wizard opens.

  4. On the General Settings step, provide the basic information about the app, and then click Next.

    General settings

  5. On the Configure SAML step, provide the following details, and then click Next.

    • In the Single sign on URL box, enter the reply URL address.

      You can find the reply URL address on the Infrascale Dashboard SSO settings page in the Reply URL box.

    • In the Audience URI (SP Entity ID) box, enter the service provider entity ID.

      You can find the service provider entity ID on the Infrascale Dashboard SSO settings page in the Service Provider Entity ID box.

    SAML settings

  6. On the Feedback step, provide the app feedback to Okta, and then click Finish.

Continue with configuring SSO in the Infrascale Dashboard.

Configure SSO

To configure SSO in the Infrascale Dashboard, you must provide the SAML metadata. For this, in the Identity Provider Settings group, choose one of the following options:

Identity provider settings

Via metadata URL

With this option, the system retrieves SAML metadata necessary for SSO from the metadata URL address you enter.

  1. In the Okta Admin Console, open the newly created app, and go to the Sign On tab.

  2. Find and copy the URL address of the Identity Provider metadata.

    Copy metadata URL address

  3. Go to the SSO settings page in the Infrascale Dashboard.

  4. In the Identity Provider Settings group, select Via metadata URL, and then enter the copied address in the respective box.

    Enter metadata URL address

  5. Click Save to apply changes.

Using metadata file

With this option, the system retrieves SSO configuration data from the metadata file you upload.

  1. In the Okta Admin Console, open the newly created app, and go to the Sign On tab.

  2. Find and open the link under Identity Provider metadata.

    Open metadata file

  3. Save the open metadata file to your device.

  4. Go to the SSO settings page in the Infrascale Dashboard.

  5. In the Identity Provider Settings group, select Using metadata file, and then import the saved metadata file.

    Import metadata file

  6. Click Save to apply changes.

Manually

With this option, you manually enter the minimum required data and upload the certificate to configure SSO.

  1. In the Okta Admin Console, open the newly created app, and go to the Sign On tab.

  2. Click View Setup Instructions.

    Link to data for manual SSO configuration

    The data to configure SSO manually opens.

  3. In the open window:

    • Copy the URL address from the Identity Provider Single Sign-On URL box.

    • Copy the URL address from the Identity Provider Issuer box.

    • Download the certificate to your device.

    Data for manual SSO configuration

  4. Go to the SSO settings page in the Infrascale Dashboard.

  5. In the Identity Provider Settings group, select Manually, and then:

    1. In the Entity ID box, enter the Identity Provider Single Sign-On URL you copied earlier.

    2. In the Login URL box, enter the Identity Provider Issuer you copied earlier.

    3. Import the SAML certificate you downloaded earlier.

    4. Click Save to apply changes.

    Manual configuration