Create an app in Okta IdP

Okta is a popular Identity Provider. Its database is used to identify principals (users) before they can log in. This article shows how to create an app in Okta and use the app to configure an SAML 2.0 SSO Sign-in mechanism on your SearchUnify search clients.

Prerequisites

Obtain a security certificate from the SearchUnify team. The certificate is stored in a file with the extension .pem.

Create an App

  1. Log into Okta. Navigate to Applications and click Create App Integration.

  2. Select SAML 2.0 as the sign-in method, and click Next.

  3. Under General Settings, add a label in App name and click Next. For illustration, we named the app SearchUnify.

  4. In Configure SAML, fill the form and click Show Advanced Settings.

    • Single sign on URL. Destination URL of the app or instance. The format is: {{base URL}}/saml/hostedLogin for search users and {{base URL}}/saml/auth for admin users. Make sure to check Use this for Recipient URL and Destination URL.

    • Audience URI (SP Entity ID). Destination URL of the app or instance.

    • Name ID format. Unspecified.

    • Application username. Okta username.

    • Update application username on. Create and update.

  5. Scroll down to Enable Single Logout. Check Allow application to initiate Single Logout. Upon checking, more fields appear. Enter the destination URL. The format is {{base URL}}/saml/hostedLogout for search users and {{base URL}}/saml/logout for admin users. In Signature Certificate , upload the security certificate that you should have received from the SearchUnify team.

  6. Scroll down to the bottom of the page and click Next.

  7. In Feedback, answer to Are you a customer or partner?, and click Finish.

  8. Open the newly-created app. Under Sign On, click View Setup Instructions.

  9. You can now see the information that you need to configure SAML 2.0 authentication on SearchUnify. Log into your instance in a new tab and follow the instructions on SAML 2.0: Log Into SearchUnify with an Identity Provider.

Get Security Certificate

The certificate is needed to configure SSO, as described in SAML 2.0: Log Into SearchUnify with an Identity Provider.

  1. Go to the SearchUnify app page and click Sign On.

  2. From navigation, go to Applications > Applications. Then scroll down to SAML Signing Certificate.

  3. Once the new certificate is ready, download it.

Last updatedTuesday, February 6, 2024

Or, send us your review at help-feedback@searchunify.com