Configure OKTA SAML For Use With Console Logins

search cancel

book

calendar_today

Carbon Black App Control (formerly Cb Protection)

Required Okta SAML Attribute Settings and how to configure Okta SAML Integration with the App Control Console.

ATTENTION: The following information is a best effort.

Aspects of configuring Okta for use with Service Providers (App Control) may have changed since this was written.
- Maintaining documentation on 3rd party applications is outside the scope of Carbon Black Support.
- Assistance from Okta Support may be required to properly configure the SAML Response for use with App Control.
As a reminder, users must first exist in the App Control Console with an email address that matches the user in Okta.
Review Integrate an Identity Provider (IdP) for SAML Logins for more details.

Log in to the App Control Console
1. Navigate to: Settings > System Configuration > SAML Login
2. Service Provider > choose Manual
3. Note the details as they will be required in the next step
Log in to the Okta Admin Console
1. Navigate to: Applications > Applications > Create App Integration
2. Select SAML 2.0 > Next
3. Specify the details from the App Control Console
  - Service Provider Name (ex: App Control)
  - Audience URI (Entity ID from App Control)
  - Single sign-on URL
4. Map the NameID attribute to follow the format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
5. Review and save the XML generated by Okta from the SAML settings were provided.
In the App Control Console
1. Settings > System Configuration > SAML Login
2. Identity Provider > Add Identity Provider
3. Input the IDP Name (ex: Okta) and paste (or upload) the SAML XML from Okta.

thumb_up Yes

thumb_down No