Instructions for integrating Okta as a 3rd-party IdP for use with MyVIP login
1) Log into your Okta organization using your Administrator account.
2) Click the blue Admin button.
3) Click Add Application.
4) Click the green Create New App button.
5) Select Platform as Web, select Sign-on method as SAML 2.0, then click Create.
6) Click Create to continue.
7) Enter MyVIP as the app name.
8) Choose the appropriate level of app visibility for your organization.
9) Click Next to continue.
10) Enter the following values for the SAML Integration
Single sign-on URL: https://login.vip.symantec.com/viplogin/saml2/SSO
Audience URI (SP Entity ID): login.vip.symantec.com/viplogin
Default Relay State: https://login.vip.symantec.com/viplogin/home/home?successUrl=<>?errorUrl=<>?cancelUrl=<> (note: enter your organization-specific success, error and cancel URLs)
11) Enter your organization's values for Name ID format, Application username, and Update application username on.
12) Optional: To Enable OOB authentication, under ATTRIBUTE STATEMENTS, add a new attribute Email and map it user.email
13) Click the Download Okta Certificate button and download the certificate.
14) Click Next to continue.
15) Choose I am an Okta customer adding an internal app, then click Finish.
16) The Sign On section of your newly created Example SAML Application application appears.
17) Click View Setup Instructions. This will display a value for the Identity Provider Issuer. Copy this value (ctrl+c). Leave these windows open for later steps.
18) In a new tab or separate browser window, open VIP Manager
, navigate to Accounts
, then click the Single sign-on
19) Click Edit next to IDP Service Settings.
19) Paste the Identity Provider Issuer from step 17 into the Entity ID field.
20) Click Choose File and upload the Okta certificate downloaded in step 13.
21) Click Submit
22) Navigate back to the Okta tab. Click Assignments.
23) Assign the MyVIP app to your Organization’s users.
Testing the URL
1) Navigate to the Identity Provider Single Sign-On URL.
2) Enter the username and password of a user who has been assigned the MyVip app.
3) Upon successful first-factor authentication, the user will navigate to VIP Login for second-factor authentication.
4) Upon successful second-factor authentication, the user can configure their VIP Credential in the MyVip application.