Okta Federated Authentication
Updated Mar 20, 2024
Configure Okta federated authentication for Arctic Wolf web portals
You can configure Okta® as a Federated Identity Management (FIM) source for Arctic Wolf® web portals.
Steps
- Configure the application integration.
- Set the issuer URL.
- Provide your Okta credentials to Arctic Wolf.
Step 1: Configure the application integration
- Sign in to the Okta Admin Console.
- In the navigation menu, click Applications > Applications.
- Click Create App Integration.
- In the Create a new app integration dialog, configure these settings:
  - Sign-in method — Select OIDC - OpenID Connect.
  - Application type — Select Web Application.
- Click Next.
- In the next dialog, configure these settings:
  - App Integration Name — Enter a descriptive name. For example, MDR Dashboard.
  - Logo — (Optional) Add a logo for the application.
  - Grant Type — Select these checkboxes:
    - Implicit (hybrid)
    - Allow ID Token with implicit grant type
    - Allow Access Token with implicit grant type
  - Sign-in redirect URIs — Enter https://auth.arcticwolf.com/login/callback.
  - Sign-out redirect URIs — Click X to clear all fields.
  - Trusted Origins — Click X to clear all fields.
  - Controlled Access — Select an option.
  - Enable immediate access — Select Enabled immediate access with Federation Broker Mode.
- Click Save.
- Click the General tab.
- Copy the Client ID and Client secret values, and then save them in a safe, encrypted location. You will provide them to Arctic Wolf later.
Step 2: Set the issuer URL
- Click the Sign On tab.
- In the OpenID Connect ID Token section, in the Issuer list, select Okta URL.
- Click Save.
- Copy the Okta URL.
- Add /.well-known/openid-configuration to the end of the Okta URL to create the Issuer URL. For example, if the Okta URL is https://demo1234.okta.com, the Issuer URL is https://demo1234.okta.com/.well-known/openid-configuration.
- Copy the Issuer URL, and then save it in a safe, encrypted location. You will provide it to Arctic Wolf later.
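A pre-submission check for the Issuer URL built in this step, added here as an example and not taken from Arctic Wolf or Okta documentation: it builds the URL as described above and validates a discovery document against the fields OpenID Connect Discovery requires. The function names, the same-host endpoint policy, and the sample documents are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

WELL_KNOWN = "/.well-known/openid-configuration"
# Fields that OpenID Connect Discovery 1.0 marks as REQUIRED in the metadata.
REQUIRED = ("issuer", "authorization_endpoint", "jwks_uri", "response_types_supported",
            "subject_types_supported", "id_token_signing_alg_values_supported")

def issuer_url(okta_url):
    """Build the Issuer URL as in Step 2: Okta URL plus the well-known path."""
    base = okta_url.strip().rstrip("/")
    parts = urlsplit(base)
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError("Okta URL must be an https:// URL")
    if parts.query or parts.fragment or "@" in parts.netloc:
        raise ValueError("Okta URL must not contain userinfo, query or fragment")
    return base + WELL_KNOWN

def check_discovery(okta_url, doc):
    """Return the problems found in a discovery document (empty list = passed)."""
    base = issuer_url(okta_url)[:-len(WELL_KNOWN)]
    host = urlsplit(base).hostname
    problems = ["missing required field: " + f for f in REQUIRED if f not in doc]
    # The spec requires the returned issuer to be identical to the one queried.
    if doc.get("issuer") != base:
        problems.append("issuer does not match the Okta URL: %r" % (doc.get("issuer"),))
    # Example policy (an assumption, not a spec rule): endpoints are https on the same host.
    for key, value in doc.items():
        if key.endswith("_endpoint") or key == "jwks_uri":
            u = urlsplit(str(value))
            if u.scheme != "https" or u.hostname != host:
                problems.append("%s is not https on %s: %s" % (key, host, value))
    if "none" in doc.get("id_token_signing_alg_values_supported", []):
        problems.append("unsigned ID tokens (alg none) are advertised")
    return problems

# Constructed sample documents (not real Okta output), using the page's example host.
OKTA_URL = "https://demo1234.okta.com"
GOOD = {
    "issuer": OKTA_URL,
    "authorization_endpoint": OKTA_URL + "/oauth2/v1/authorize",
    "jwks_uri": OKTA_URL + "/oauth2/v1/keys",
    "response_types_supported": ["code", "id_token", "token id_token"],
    "subject_types_supported": ["public"],
    "id_token_signing_alg_values_supported": ["RS256"],
}
BAD = dict(GOOD, issuer="https://login.example.net", jwks_uri="http://demo1234.okta.com/oauth2/v1/keys")

if __name__ == "__main__":
    print(check_discovery(OKTA_URL, GOOD), check_discovery(OKTA_URL, BAD))
```

To use it against a live tenant, fetch the Issuer URL in a browser or with an HTTP client, parse the JSON, and pass the resulting dictionary to check_discovery along with the Okta URL.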
Step 3: Provide your Okta credentials to Arctic Wolf
- Sign in to the Arctic Wolf Unified Portal.
- Click Telemetry Management > Connected Accounts.
- Click Add Account +.
- On the Add Account page, in the Account Type list, select Federated Authentication.
- Click OpenID Connect.
- On the Add Account page, configure these settings:
  - Account Name — Enter a unique and descriptive name for the account. For example, Okta SSO.
  - Issuer URL — Enter the IdP Issuer URL.
  - Client ID — Enter the IdP-issued client ID.
  - Client Secret — Enter the IdP-issued client secret.
  - Domain Name — Enter your company email domain name.
  - Credential Expiry — (Optional) Enter the credential expiration date, if applicable.
- Click Test and Submit Credentials.
Arctic Wolf automatically receives a ticket to complete the federated authentication setup. You receive a confirmation Zendesk email when the account setup is complete.