[FNMS SAML Setup] Okta configuration guide to enable SSO / SAML in FlexNet Manager Suite

[FNMS SAML Setup] Okta configuration guide to enable SSO / SAML in FlexNet Manager Suite

This article is a part of a wider topic, see parent page.

Configuring SAML application in Okta

Step 1 - Creating the SAML application

  • Go to Okta Admin and navigate to Applications page.
  • Click on "Add Application" button and then click on "Create New App".
  • Choose "Web" as the platform and "SAML 2.0" as the sign-on method.
  • Fill in any application name, e.g. "FlexNet Manager Suite", and click on the "Next" button.

Step 2 - Filling in the SAML settings

Important - all of the above URLs are case sensitive, and ensure there is no trailing slash or space characters in the URL.

Okta - SAML settingsOkta - SAML settings

[Optional] Step 3 - Configuring attribute statements

This is an optional step. You can configure the following attributes to pass "claims" that can be understood by FlexNet Manager Suite and will be used to pre-fill operator details.

Okta - attribute statementsOkta - attribute statements

Step 4 - Providing the necessary details to your FlexNet Manager Suite administrator

  • Once the application is created successfully in your IdP, go to the 'Sign on' tab in the SAML Application, and click on 'View Setup Instructions'.
  • You will need to provide the following information to your FlexNet Manager Suite administrator:

 


WHAT'S NEXT

  • To complete your SSO setup in FlexNet Manager Suite, refer to the parent article.
  • Alternatively, continue reading this article to browse other Okta-specific configurations you might be interested in.

 

[Advanced] Automatically granting Administrator role to your newly created operators.

This is helpful when used together with createUnknownOperator="true" setting that you can set in FlexNet Manager Suite web.config file. This can be achieved by passing either one of the attribute values below:

 

[Advanced] Enabling Single Logout in Okta

Prerequisites:

  • You are using FlexNet Manager Suite On-premise offering.
  • You have completed the Single Logout configuration in FlexNet Manager Suite, and as such have acquired the public certificate corresponding the private key FlexNet Manager Suite uses to sign outgoing SAML requests.

To enable Single Logout (SLO) in Okta:

  • Go to Okta Admin and navigate to Applications page.
  • Click on "FlexNet Manager Suite" application.
  • On the General tab > SAML Setting section, click on "Edit" link.
  • Go to next step and click on "show advanced settings".
  • Check Enable Single Logout / Allow application to initiate Single Logout checkbox.
  • Specify the following details:
    • Single Logout URL: https://flexnet.myorganization.com/Suite/AuthServices/Logout
    • Signature Certificate: browse and upload the public certificate of your Service Provider (FlexNet Manager Suite) signing key.
    • SP Issuer: issuer of the Service Provider certificate you uploaded, used by Okta for validation.
  • Click on "Next" button and save your changes.

Okta - Single Logout (SLO) settings under SAML Settings > Show Advanced SettingsOkta - Single Logout (SLO) settings under SAML Settings > Show Advanced Settings

Was this article helpful? Yes No
No ratings
Version history
Revision #:
6 of 6
Last update:
‎Aug 07, 2020 10:43 AM
Updated by:
 
Contributors