Okta Authentication Configuration
Applies to: Kyvos Enterprise Kyvos Cloud (SaaS on AWS) Kyvos AWS Marketplace
Kyvos Azure Marketplace Kyvos GCP Marketplace Kyvos Single Node Installation (Kyvos SNI)
Okta uses SAML 2.0 protocol to communicate with web applications (like Kyvos) for carrying on SSO. To use Okta for external authentication in Kyvos, enable SAML for the Kyvos Web application.
To know more about SAML 2.0, click here.
Prerequisites
To enable SAML for Kyvos, you must have the following certificate files
X.509 certificate file
Service Provider Key File
Register the Kyvos application with your Okta account, and generate and download the following:
Single Sign-On URL
Identity Provider Issuer
X.509 Certificate File
To configure SAML2.0 as an external authentication provider for the Kyvos Web Portal, you must add the following values when creating the application in Identity Provider (IdP) for Single Sign On:
Sign-in redirect URIs: /kyvos/oauthRedirect
Sign-out redirect URIs: /kyvos/#/master/SSOLogout
SAML configuration in Kyvos Manager
To configure SAML2.0 as an external authentication provider for the Kyvos Web Portal, perform the following steps.
On the Kyvos Manager, navigate to Security > Web based SSO page.
Select the Enable External Authentication checkbox to define the external authentication mechanism for the Kyvos Web portal.
Select the SAML2.0 option from the Provider list.
Enter details as:
Click the Save button to save changes.
Verifying configuration in Kyvos Manager
Once the settings are saved, verify the values of these properties in the Kyvos Manager.
For this, click Manage Kyvos Properties. The Properties page is displayed.
In the kyvosclient.properties verify the values for the following.
In the olapengine.properties verify the values for the following.
Property Name | Description | Value |
---|---|---|
CLIENT_URL | Defines the REST API URL for validating SSO by the BI Server. | The Kyvos web URL configured in your environment. |
Copyright Kyvos, Inc. All rights reserved.