Okta Federated Authentication

Updated Feb 21, 2024

Configure Okta federated authentication for Arctic Wolf web portals

You can configure Okta® as a Federated Identity Management (FIM) source for Arctic Wolf® web portals.

Steps

  1. Configure the application integration.
  2. Set the issuer URL.
  3. Provide your Okta credentials to Arctic Wolf.

Step 1: Configure the application integration

  1. Sign in to the Okta Admin Console.
  2. In the navigation menu, click Applications > Applications.
  3. Click Create App Integration.
  4. In the Create a new app integration dialog, configure these settings:
    • Sign-in method — Select OIDC - OpenID Connect.
    • Application type — Select Web Application.
  5. Click Next.
  6. In the next dialog, configure these settings:
    • App Integration Name — Enter a descriptive name. For example, MDR Dashboard.
    • Logo — (Optional) Add a logo for the application.
    • Grant Type — Select these checkboxes:
      • Implicit (hybrid)
      • Allow ID Token with implicit grant type
      • Allow Access Token with implicit grant type
    • Sign-in redirect URIs — Enter https://auth.arcticwolf.com/login/callback.
    • Sign-out redirect URIs — Click X to clear all fields.
    • Trusted Origins — Click X to clear all fields.
    • Controlled Access — Select an option.
    • Enable immediate access — Select Enable immediate access with Federation Broker Mode.
  7. Click Save.
  8. Click the General tab.
  9. Copy the Client ID and Client secret values, and then save them in a safe, encrypted location. You will provide them to Arctic Wolf later.

Step 2: Set the issuer URL

  1. Click the Sign On tab.
  2. In the OpenID Connect ID Token section, in the Issuer list, select Okta URL.
  3. Click Save.
  4. Copy the Okta URL.
  5. Add /.well-known/openid-configuration to the end of the Okta URL to create the Issuer URL. For example, if the Okta URL is https://demo1234.okta.com, the Issuer URL is https://demo1234.okta.com/.well-known/openid-configuration.
  6. Copy the Issuer URL, and then save it in a safe, encrypted location. You will provide it to Arctic Wolf later.
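
Before you submit the Issuer URL, you can confirm that it points at a discovery document that belongs to your Okta org. The following Python sketch is an added example, not Arctic Wolf or Okta code: it builds the Issuer URL as described in Step 2 and checks a discovery document for a matching issuer, HTTPS endpoints, and ID token support. The function names and the sample document are assumptions made for illustration.

```python
import json
import urllib.request
from urllib.parse import urlsplit

DISCOVERY_SUFFIX = "/.well-known/openid-configuration"

def build_issuer_url(okta_url):
    """Append the discovery path to the Okta URL (Step 2, item 5)."""
    parts = urlsplit(okta_url.strip())
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError("Okta URL must be an absolute https:// URL")
    if parts.query or parts.fragment:
        raise ValueError("Okta URL must not contain a query string or fragment")
    return f"https://{parts.netloc}{parts.path.rstrip('/')}{DISCOVERY_SUFFIX}"

def fetch_discovery(issuer_url, timeout=10):
    """Download the discovery document (needs network access; not used below)."""
    with urllib.request.urlopen(issuer_url, timeout=timeout) as resp:
        return json.load(resp)

def check_discovery(okta_url, doc):
    """Return a list of problems in a discovery document; empty means it looks sane."""
    problems = []
    expected = okta_url.strip().rstrip("/")
    # OpenID Connect Discovery requires the issuer value to match the URL queried.
    if doc.get("issuer") != expected:
        problems.append(f"issuer {doc.get('issuer')!r} does not match {expected!r}")
    for key in ("authorization_endpoint", "jwks_uri"):
        if urlsplit(str(doc.get(key, ""))).scheme != "https":
            problems.append(f"{key} is missing or not https")
    # Step 1 enables ID tokens, so some response type must include id_token.
    if not any("id_token" in rt.split() for rt in doc.get("response_types_supported", [])):
        problems.append("no response type includes id_token")
    return problems

# Constructed sample document for the page's example org, not real Okta output.
SAMPLE_DOC = {
    "issuer": "https://demo1234.okta.com",
    "authorization_endpoint": "https://demo1234.okta.com/oauth2/v1/authorize",
    "jwks_uri": "https://demo1234.okta.com/oauth2/v1/keys",
    "response_types_supported": ["code", "id_token", "code id_token"],
}

if __name__ == "__main__":
    okta_url = "https://demo1234.okta.com"
    print(build_issuer_url(okta_url))
    print(check_discovery(okta_url, SAMPLE_DOC) or "discovery document OK")
```

To check a live org, pass the result of fetch_discovery(build_issuer_url(okta_url)) to check_discovery in place of the sample document.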

Step 3: Provide your Okta credentials to Arctic Wolf

  1. Sign in to the Arctic Wolf Unified Portal.

  2. Click Telemetry Management > Connected Accounts.

  3. Click Add Account +.

  4. On the Add Account page, in the Account Type list, select Federated Authentication.

  5. Click OpenID Connect.

  6. On the Add Account page, configure these settings:

    • Account Name — Enter a unique and descriptive name for the account. For example, enter Okta SSO or OneLogin OIDC Connector.

    • Issuer URL — Enter the IdP Issuer URL.

    • Client ID — Enter the IdP-issued client ID.

    • Client Secret — Enter the IdP-issued client secret.

    • Domain Name — Enter your company email domain name.

    • Credential Expiry — (Optional) Enter the credential expiration date, if applicable.

  7. Click Test and Submit Credentials.

    Arctic Wolf automatically receives a ticket to complete the federated authentication setup. You receive a confirmation Zendesk email when the account setup is complete.
