Automox Okta Single Sign-on (SSO) Integration

You can configure single sign-on through Okta for all of your Automox users.

Automox integrates with Okta Identity Management through a series of simple steps. Automox also has a pending application available on the Okta app marketplace. This supports both service provider (SP) and identity provider (IDP) initiated sign on. Users can either click the Automox app on their Okta dashboard to sign in, or simply provide their email address on the sign in page to be redirected to Okta for authentication.

Initial Setup

To set up Okta, you need the following information from Automox:

  • Your unique ACS URL

  • Entity ID 

Prerequisites: Administrative privileges required.

  1. From the Settings → Security tab in your Automox console, click Enable on the SAML option.

  2. This will load a window with the required ACS URL and Entity ID.

Keep this information in a tab for use during the Okta configuration.

Okta Configuration

As an Okta administrator, you can set up an integration to Automox following the normal Okta app creation steps.

  1. Within the Okta Admin panel, select Applications → Add Application.

    okta-config-add-app.png

  2. Search for Automox. If the application is not available, click Create New App.

  3. From the platform menu, select Web.

  4. For the sign on method, select SAML 2.0.

    okta-config-saml20.png

  5. On the General Settings window, enter a name for the app.
    (Optional) You can right-click and save the following Automox logo and upload it.

    ax-logo.png

  6. For the SAML Settings window, you will need the customer ID (organization ID number) from the Automox console.

    okta-saml-settings.png

    • Paste the Customer ID (this is the Org ID) into the Single sign-on URL field.

    • Select the check box for Use this for Recipient URL and Destination URL.

    • Paste the Entity ID into the Audience URI (SP Entity ID) field

    • The Name ID format should be Unspecified and the Application username Okta username

  7. Automox supports custom attributes for first name and last name. To set these configurations, add an extra row in the Attribute Statements. The first row should include firstName in the first field, and user.firstName in the second field, while the second row should include lastName in the first field, and user.lastName in the second field. Note: In order to edit the attribute statements after initial setup, from the Okta developer dashboard, click Applications. Select the Automox Application and from the General tab click Edit on the SAML Settings section. Click Next and scroll down the page to find the Attribute Statements.

    Okta-attributes.png
  8. From this page, you can download the Okta certificate that can be used to configure your application.

  9. After you finish the configuration, go to the application's settings page.

  10. There are two options available for configuring the integration.

    • From the Sign On tab, click View Setup Instructions, which will open in a separate tab. From here,  you can copy and paste the details required for Automox.

    • Download the Okta certificate and import the XML file to Automox.

Automox Configuration

Follow these instructions for the Automox console configuration.

You will need the information from the View Setup Instructions tab to complete this section.

  1. From the Settings → Security tab in your Automox console, click Enable on the SAML option.

  2. In the Configure SAML window, paste the metadata based on the following mapping:

    • Okta Identity Provider Single Sign-On URL = Login URL

    • Okta Identity Provider Issuer = Entity ID

    • Okta X.509 Certificate = x.509

  3. (Optional) You can provide a Logout URL that redirects users to a selected URL after logout. This is often a link to your internal Okta dashboard.

  4. Automox also supports auto-provisioning for new users. If enabled, users can be added to the Automox app in Okta, and will have licenses created for them in Automox as they attempt first login. When SAML is enabled, inviting new users to Automox is restricted to provisioning. This configuration is highly recommended.

  5. Click Save Configuration to enable SAML.

  6. Add all required users to the Automox app in Okta to complete your setup.

When provisioning users from IDP, the user is created in Automox as a Read-Only user. The global administrator or zone administrator can adjust the role for the newly-created users by going to Manage Zones And Users → Roles & Permissions.

Was this article helpful?
0 out of 0 found this helpful