Integrating Okta as a 3rd party IdP with Symantec MyVIP
search cancel

Integrating Okta as a 3rd party IdP with Symantec MyVIP


Article ID: 151007


Updated On:


VIP Service


 This KB article provides steps to integrate Okta as a 3rd-party IdP with Symantec MyVIP.


VIP Integrations


Instructions for integrating Okta as a 3rd-party IdP for use with MyVIP login

1) Log into your Okta organization using your Administrator account.
2) Click the blue Admin button.
3) Click Add Application.
4) Click the green Create New App button.
5) Select Platform as Web, select Sign-on method as SAML 2.0, then click Create.
6) Click Create to continue.
7) Enter MyVIP as the app name.
8) Choose the appropriate level of app visibility for your organization.
9) Click Next to continue.
10) Enter the following values for the SAML Integration 
Single sign-on URL:
Audience URI (SP Entity ID):
Default Relay State:<>?errorUrl=<>?cancelUrl=<> (note: enter your organization-specific success, error and cancel URLs)
11) Enter your organization's values for Name ID formatApplication username, and Update application username on
12) Optional: To Enable OOB authentication, under ATTRIBUTE STATEMENTS, add a new attribute Email and map it
13) Click the Download Okta Certificate button and download the certificate. 
14) Click Next to continue.
15) Choose I am an Okta customer adding an internal app, then click Finish.
16) The Sign On section of your newly created Example SAML Application application appears.
17) Click View Setup Instructions. This will display a value for the Identity Provider Issuer. Copy this value (ctrl+c). Leave these windows open for later steps. 
18) In a new tab or separate browser window, open VIP Manager, navigate to Accounts, then click the Single sign-on tab. 
19) Click Edit next to IDP Service Settings.
19) Paste the Identity Provider Issuer from step 17 into the Entity ID field. 
20) Click Choose File and upload the Okta certificate downloaded in step 13.
21) Click Submit
22) Navigate back to the Okta tab. Click Assignments.
23) Assign the MyVIP app to your Organization’s users.

Testing the URL

1) Navigate to the Identity Provider Single Sign-On URL.
2) Enter the username and password of a user who has been assigned the MyVip app. 
3) Upon successful first-factor authentication, the user will navigate to VIP Login for second-factor authentication.
4) Upon successful second-factor authentication, the user can configure their VIP Credential in the MyVip application.