Applies to: Kyvos Enterprise  Kyvos Cloud (SaaS on AWS) Kyvos AWS Marketplace

Kyvos Azure Marketplace   Kyvos GCP Marketplace Kyvos Single Node Installation (Kyvos SNI)

Okta uses SAML 2.0 protocol to communicate with web applications (like Kyvos) for carrying on SSO. To use Okta for external authentication in Kyvos, enable SAML for the Kyvos Web application.
To know more about SAML 2.0, click here.

Prerequisites

1. To enable SAML for Kyvos, you must have the following certificate files

   1. X.509 certificate file

   2. Service Provider Key File

2. Register the Kyvos application with your Okta account, and generate and download the following:

   1. Single Sign-On URL

   2. Identity Provider Issuer

   3. X.509 Certificate File

3. To configure SAML2.0 as an external authentication provider for the Kyvos Web Portal, you must add the following values when creating the application in Identity Provider (IdP) for Single Sign On:

   • Sign-in redirect URIs: /kyvos/oauthRedirect

   • Sign-out redirect URIs: /kyvos/#/master/SSOLogout

SAML configuration in Kyvos Manager

To configure SAML2.0 as an external authentication provider for the Kyvos Web Portal, perform the following steps. 

1. On the Kyvos Manager, navigate to Security > Web based SSO page.

2. Select the Enable External Authentication checkbox to define the external authentication mechanism for the Kyvos Web portal.

3. Select the SAML2.0 option from the Provider list.

   Open

   

4. Enter details as:

5. Click the Save button to save changes.

Verifying configuration in Kyvos Manager

Once the settings are saved, verify the values of these properties in the Kyvos Manager.

1. For this, click Manage Kyvos  Properties. The Properties page is displayed.

2. In the kyvosclient.properties verify the values for the following.

3. In the olapengine.properties verify the values for the following.