The instructions on this page are valid only for the SaaS Management Product (SMP). If you want to implement single sign-on (SSO) for Enterprise Architecture Management (EAM) and Value Stream Management (VSM), please go here.
- In Okta admin go to Applications, click Add Application and Create New App
- Select Platform Web and Sign on method SAML 2.0
- Enter App name LeanIX SMP, upload App logo and then click Next
- For the SAML settings step you will need data from the LeanIX SMP settings. Select the Custom (SAML) option for Single Sign On.
In Okta, uncheck the option Use this for Recipient URL and Destination URL.
Copy Single Sign On URL from LeanIX SMP and paste it in Okta fields:
● Single Sign on URL
● Requestable SSO URLs (check that Allow this app to request other SSO URLs option is enabled)
Copy Reply URL from LeanIX SMP and paste it in fields:
● Requestable SSO URLs
● Recipient URL
● Destination URL
Copy Identifier from LeanIX SMP and paste it under
● Audience URI (SP Entity ID)
Set Name ID format to Unspecified and Application username to Email.
- Under Attribute statements set attribute email (Unspecified format) and select value user.email.
- Click Next and Finish in the next step.
- Click View Setup Instructions button
- Copy the IDP metadata found at the bottom of the page, create a new .xml file on your drive and store the IDP metadata XML content in it.
- In Account settings SSO settings in LeanIX SMP, select Custom (SAML) and upload the file you created before, under Provider metadata.
- Set Allowed domains (e.g. your-company.com) from which users are allowed to sign in.
- Last, select the Enabled checkbox and click the Save changes for SAML button.
- You should be able to sign in to LeanIX SMP using Okta.