Describes the SAML 2.0 parameters for Okta as an identity provider for Cortex XSOAR.
The following table describes the SAML 2.0 parameters for Okta, when adding a new instance in Cortex XSOAR:
A name for the integration instance.
Service Provider Entity ID
The URL of your Cortex XSOAR server (also known as an ACS URL). In the format: https://yourdomain.com/saml
IdP metadata URL
URL of your organization’s IdP metadata file. You can find this in the Sign On tab in Otka or when defining an Okta application, as described in Define the Okta Application to authenticate Cortex XSOAR.
IdP metadata file
Your organization’s IdP metadata file. You either need to add the IdP metadata URL or the file.
IdP SSO URL
The URL of the IdP application that corresponds to Cortex XSOAR. You can copy and paste the IdP SSO URL in Okta, when clicking View Setup Instructions.
Attribute to get username
Attribute in your IdP for the user name.
Attribute to get email
Attribute in your IdP for the user's email address.
Attribute to get first name
Attribute in your IdP for the user's first name.
Attribute to get last name
Attribute in your IdP for the user's last name.
Attribute to get phone
Attribute in your IdP for the user's phone number.
Attribute to get groups
Attribute in your IdP for the groups of which the user is a member.
Groups list separator.
Role to assign to the user when they are not a member of any group.
Only used by certain IdPs. If your IdP uses relay state, you need to supply the relay state.
Sign request and verify response signature
Method for the IdP to verify the user sign-in request using the IdP vendor certificate.
Identity Provider public certificate
Public certificate for your IdP.
Service Provider Private key (pem format).
Do not map SAML groups to Cortex XSOAR roles
SAML groups will not be mapped to Cortex XSOAR roles.