Configuring single sign-on to ADAudit Plus using Okta
Step 1: Configure ADAudit Plus in Okta
Log in to the Okta portal.
Under the Apps tab, click Add Application → Create New App.
Select Web as the Platform and SAML 2.0 as the Sign on method, and click Create.
In General Settings, enter the SAML application name (for example, ADAudit Plus) in the App name field. Upload a logo for the application if needed, and click Next.
In the Configure SAML section, enter the values for: Single sign on URL and Audience URL.
Click Finish.
Note: To find the values for the Single sign-on URL and Audience URI, log in to the ADAudit Plus console, navigate to Admin → Administration → Logon Settings → Single Sign-On. Check the box next to Enable Single Sign-On, and select SAML Authentication → Identity Provider (IdP) → Okta. Copy the ACS/Recipient URL value, and paste it in the Single sign-on URL field. Copy the Issuer URL/Entity ID value, and paste it in the Audience URI field.
Once the configuration is complete, navigate to the Sign on tab to download the identity provider metadata file.
Step 2: Configure Okta in ADAudit Plus
Log in to the ADAudit Plus web console with admin credentials. Navigate to Admin → Administration → Logon Settings → Single Sign-On. Check the box next to Enable Single Sign-On, and select SAML Authentication.
Select Okta from the Identity Provider (IdP) drop-down. Under SAML Configuration Mode, select Upload Metadata File. Click Browse and upload the metadata file obtained at the end of the Step 1.
If you want to enable single logout, follow these steps:
Copy the Issuer URL/Entity ID and SP Logout URL, and download the X.509 Certificate.
Log in to Okta, go to the Configure SAML page, and click Show Advanced Settings.
Check the Enable Single Logout option, paste the Issuer URL/Entity ID in SP Issuer field and the SP Logout URL in the Single Logout URL field.
Click Browse next to Signature Certificate, and select the X.509 Certificate you downloaded.
