Configuring Single Sign On for FedRAMP

    Monday, June 3, 2024In: Getting Started Print

    Single sign on is supported using SAML 2.0 authentication. Instead of relying on local authentication for passwords and security policies, users may set their own authentication using a managed Identity Provider.

     

    ​Preparing Okta for Integration with Own​​

    1. Open Okta.
    2. Navigate to the ​Applications​​ page.
    3. Click ​Create App Integration.
    4. Select ​SAML 2.0​ and click ​Next.
    5. Enter an ​App name​​, change the ​App logo​ if desired, and click ​Next.
    6. In the ​SAML Settings​ window, enter the following information and click ​Next​:
      • Single sign-on URL:​​ https://us2.ogc-ownbackup.com/saml/consume
      • Audience URI (SP Entity ID):​​ https://sso-us2.ogc-ownbackup.com
      • Name ID format:​ Select ​EmailAddress​​ from the drop-down list.
      • Application username:​ Select ​Email​​ from the drop-down list.

    1. Select the Feedback option that applies and click ​Finish​​. The newly created app is automatically displayed.
    2. Select the ​Assignments​​ tab and assign users to the application.
    3. Select the ​Sign On​ tab to view the SAML 2.0 connection information required for enabling single sign on. On the right of the page, click ​View SAML setup instructions.
    4. A configure page opens. Download the ​X.509 Certificate​ and copy the ​Identity Provider Issuer.
    5. Test the new app by using the ​Identity Provider Single Sign-On URL​​ and move on to enabling single sign on.​

     

    Enabling Single Sign On

    1. Log in to the Own Data Platform.
    2. Navigate to the Account Options menu and click ​Account Settings.
    3. On the Account Settings page, select the ​Security​​ tab.
    4. Select ​Single Sign On (SSO)​​ and enter the following information:
      • ​Identity Provider name:​​ Provide a name for the single sign on provider.
      • SAML issuer:​ Enter the Okta ​Identity Provider Issuer​​.
      • Certificate fingerprint:​ Ensure the downloaded certificate has a ​.pem​ file extension and click ​Upload certificate...​​ to add the certificate.
      • Logout URL:​​ Provide the URL for a webpage to display after logging out.
    5. Click ​Save Changes to enable single sign on and complete the process.
    « Previous ArticleNext Article »


    Privacy & Security StatementTerms & Conditions
    Copyright © 2024 by Own - All rights reserved.