Steps needed to complete the Carbon Black Cloud AuthHub migration for customers using Okta IDP

• Carbon Black Cloud
• Okta

1. Create a custom SAML 2.0 app in Okta. Do not re-use the old one - it will be needed should the migration need to be reverted.
2. Within Okta, under "Configure SAML " > General, set the "Single sign-on URL" as the "Entity ID / Audience" shown in the migration wizard. Set the "Audience URI (SP Entity ID)" as the "Assertion Consumer Service URL / Recipient" shown in the wizard as well (https://access.broadcom.com/default/saml/v1/sp/acs)
   
   
3. Create the required attributes ("FirstName", "LastName", "Email"). Note these attributes as they will be needed in Step 6.
   
4. Click "Next" > Finish
5. On the "Sign On" tab of Okta click "View SAML setup instructions"
   
6. Take the information from Okta and enter it on the "Configure AuthHub Attributes" migration UI screen:
   Copy the "FirstName","LastName", and "Email" attributes from step 3 and enter them in their respective section.
   Copy the "Identity Provider Single Sign-On URL" and enter it in the "Single sign-on URL (HTTP-redirect binding)" field in the migration UI window.
   Copy the "Identity Provider Issuer" and enter it in the "Entity ID" or "Issue URL / Issue Unique Identifier" field in the migration UI window.
   Copy the "X.509 Certificate" and enter it in the migration UI window.
   
   
7. Complete the rest of the migration wizard.

• After migration it's recommended to try logging in with Incognito mode, and clearing the browser cache if seeing strange or inconsistent login behavior
• Carbon Black Cloud AuthHub Migration FAQ
• Login fails using SAML Tile
• Redirected Back to Console
• Account has been suspended message after login