This document provides step-by-step instructions for configuring Okta to work with HYPR. In this guide, HYPR will be set up as both a SAML-SP and a SAML-IdP for Okta.
The HYPR SAML-SP configuration allows users to authenticate with Okta into the HYPR Registration Portal.
The HYPR SAML-IdP configuration allows HYPR to act as a passwordless frontend for Okta. Users can authenticate with HYPR to get access directly into their Okta portal.
- Log into your Okta administration portal.
- Go to Applications on the top menu and click “Add Application”.
- In the create application screen, select “Create New Application”. Select “Web” as the platform and “SAML 2.0” as the Sign on method, then click the “Create” button.
- Give your app a name and click the “Next” button. You can also optionally provide an App logo here, which will display as an icon in the user's portal.
- On the Configure SAML screen, put in the HYPR Single Sign On URL. This will be your HYPR environment URL with /hyprsp/saml/SSO at the end of it. An example of this is: https://example.hypr.com/hyprsp/saml/SSO. This is the URL that consumes SAML messages on the HYPR Service Provider.
Also, provide the Audience URI/SP Entity ID. For HYPR, this will be
Press the Next button after leaving the other values as defaults.
- Select the "I'm an Okta customer adding an internal app" option from the 'Are you a customer or partner?' selection and click “Finish”.
- Copy your Identity Provider metadata URL, and provide this to the HYPR team.
- Click the View Setup Instructions Link on the next page to proceed to the information required for HYPR to complete the SAML integration.
- Copy the Identity Provider Single Sign-On URL and the X.509 Certificate and paste them into your HYPR SP configuration file. This file is provided by the HYPR deployment team. Your HYPR team can finish the HYPR SAML configuration with this information.
- Log into your Okta Service Portal. Select Identity Providers under the Security drop-down menu.
- Select Add Identity Provider and select SAML 2.0 IdP.
- Within the configuration settings for this Identity Provider input the following configuration:
Any value, utilized to identify the Identity Provider by an Okta admin following creation.
If no match is found: Redirect to Okta sign-in page
IdP Issuer URI
IdP Single Sign-on URL: The Single Sign-On URL which will be your IDP domain with
IdP Signature Certificate: Upload the IdP certificate provided by the HYPR team.