Jump to content

Search the Community

Showing results for tags 'saml'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Essentials
    • Announcements
  • Passwordstate 9.x
    • General Support
    • General Hints and Tips
    • Known Issues
    • Installing Passwordstate
    • Feature Requests
    • Feature Requests - Completed
    • 3rd Party Hardware/Software Knowledge Forum
  • Knowledge Base
    • General FAQs
    • Password Resets
    • Remote Session Launcher
    • App Server
    • Passwordstate API
    • Browser Extensions
    • Password Reset Portal
  • Passwordstate 8.x
    • General Support
    • Feature Requests - Completed

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Google Plus Account


Location


Interests


Biography


Location


Interests


Occupation

Found 1 result

  1. I'm having great difficulty with passwordstate talking to Okta, and the example config in the password state docs for Okta is greatly lacking (missing 80% of the config values). What happens is when I visit our local password state, it goes off to Okta, verifies, go back to passwordstate which then fires off to Okta again, etc etc etc Here is the config I currently have: What the heck am I missing? Plus where the heck in passwordstate can I see what I assume are the failed assertions? OKTA CONFIG Single sign on URL: https://internal.pstate.example.com/logins/saml/default.aspx Use this for Recipient URL and Destination URL: YES Allow this app to request other SSO URLs: NO Audience URI (SP Entity ID): https://internal.pstate.example.com/ Default RelayState: https://internal.pstate.example.com/logins/saml/default.aspx Name ID format: Unspecified Application username: AD user principal name Update application username on: Create and update Response: Signed Assertion Signature: Signed Signature Algorithm: RSA-SHA1 Digest Algorithm: SHA1 Assertion Encryption: Unencrypted Enable Single Logout: NO Assertion Inline Hook: None (disabled) Authentication context class: PasswordProtectedTransport Honor Force Authentication: Yes SAML Issuer ID: http://www.okta.com/${org.externalKey} ----------------------- PASSWORDSTATE CONFIG Select which field in Passwordstate you want to compare against the SAML Response's Name Identifier - NameID: UserPrincipalName After SAML Authentication: -- Select Authentication Option -- (ie nothing) X.509 Cert: <from Okta > Certificate Type: SHA1 IDP Target URL https://company.okta.com/app/xxxxxxxxxxxxxxxxxxxxxx_passwordstate_1/exk1123123123123bks4x7/sso/saml IDP Issuer URL: http://www.okta.com/exk123123123123 ------------------------------ WHAT HAPPENS when you visit https://internal.pstate.example.com/ GET to https://company.okta.com/app/xxxxxxx_passwordstate/exk1123123123123bks4x7/sso/saml?SAMLRequest=......... POSTs to https://internal.pstate.example.com/ 302 -> /default.aspx GET to https://internal.pstate.example.com/default.aspx 302 -> /logins/saml.aspx? GET to https://internal.pstate.example.com/logins/saml.aspx? 302 -> https://company.okta.com/app/xxxxxxx_passwordstate/exk1123123123123bks4x7/sso/saml?SAMLRequest=......... (back to the beginning)
×
×
  • Create New...