SSO with Okta SAML
Okta SAML Integration with LeanIX SMP
Information
This documentation is deprecated. Refer to it only if your Authentication & Authorization is still configured via the legacy SMP interface. For the latest instructions, refer to the Authentication & Authorization documentation.
Create a New Application in Okta
- In Okta admin, go to Applications, click Add Application and then Create New App
- Select Platform Web and Sign on method SAML 2.0
- Enter App name LeanIX SMP, upload App logo and then click Next
- For the SAML settings step you will need data from the LeanIX SMP settings. Select the Custom (SAML) option for Single Sign On.
In Okta, uncheck the option Use this for Recipient URL and Destination URL.
Copy the Single Sign On URL from LeanIX SMP and paste it into these Okta fields:
● Single Sign on URL
● Requestable SSO URLs (check that Allow this app to request other SSO URLs option is enabled)
Copy the Reply URL from LeanIX SMP and paste it into these fields:
● Requestable SSO URLs
● Recipient URL
● Destination URL
Copy the Identifier from LeanIX SMP and paste it under:
● Audience URI (SP Entity ID)
Set Name ID format to Unspecified and Application username to Email.
- Under Attribute statements, set the attribute email (Unspecified format) and select the value user.email.
- Click Next, and then Finish in the next step.
- Click the View Setup Instructions button.
- Copy the IDP metadata found at the bottom of the page, create a new .xml file on your drive and store the IDP metadata XML content in it.
Setup LeanIX SMP Okta SAML SSO
- In Account settings SSO settings in LeanIX SMP, select Custom (SAML) and, under Provider metadata, upload the file you created before.
- Set Allowed domains (e.g. your-company.com) from which users are allowed to sign in.
- Last, click the Enabled checkbox and the Save changes for SAML button.
- You should now be able to sign in to LeanIX SMP using Okta.
Updated 8 months ago