SSO with Okta SAML

Okta SAML Integration with LeanIX SMP

📘

Information

Instruction on this page is only valid for the SaaS Management Product (SMP) product only. If you want to implement a single sign-on (SSO) for Enterprise Architecture Management (EAM) and Value Stream Management (VSM), please go here.

Create a New Application in Okta

  1. In Okta admin go to Applications, click Add Application and Create New App
  1. Select Platform Web and Sign on method SAML 2.0
  1. Enter App name LeanIX SMP, upload App logo and then click Next
  1. For SAML settings step you will need data from LeanIX SMP settings. Select Custom (SAML) option for Single Sign On.

In Okta uncheck option - use this for Recipient URL and Destination URL.

Copy Single Sign On URL from LeanIX SMP and paste it in Okta fields:
Single Sign on URL
Requestable SSO URLs (check that Allow this app to request other SSO URLs option is enabled)

Copy Reply URL from LeanIX SMP and paste it in fields:
Requestable SSO URLs
Recipient URL
Destination URL

Copy Identifier from LeanIX SMP and paste it under
Audience URI (SP Entity ID)

Set Name ID format to Unspecified and Application username to Email.

  1. Under Attribute statements set attribute email (Unspecified format) and select value user.email.
  1. Click Next and Finish in the next step.
  1. Click View Setup Instructions button
  1. Copy IDP metadata found on the bottom of the page, create new .xml file on your drive and store IDP metadata XML content.

Setup LeanIX SMP Okta SAML SSO

  1. In Account settings SSO settings in LeanIX SMP, select Custom (SAML) and upload the file you created before, under Provider metadata.
  1. Set Allowed domains (e.g. your-company.com) from which are users allowed to sign in.
  2. Last, click on Enabled checkbox and Save changes for SAML button and
  3. You should be able to sign in to LeanIX SMP using Okta.

Did this page help you?