• This function enables authentication for multiple web services with only one set of ID/Password.
• In particular, if Okta is introduced, SSO can be achieved even between service providers with different deployment environments such as cloud, on-premises, and mobile applications.

• SAML
  Standard protocol, supported by many products.
• WS-Federation
  It is often used in Microsoft products. Similar behavior to SAML.
• Secure Web Authentication (SWA)
  An authentication scheme created by Okta to provide SSO for applications that do not support SAML. Install the Okta plugin in the user's browser and let the plugin fill in the credentials on your behalf.
• Open ID Connect
  A standard mechanism for next-generation authentication and federated identity systems.

SAML: a protocol for services to delegate authentication to the outside world

Differences in authentication order

• Okta comes pre-configured with a set of configurations for major web applications.
  * More than 6,000 sites (1,500 visible with evaluation license)
• Simply select any application from a catalog (list) called OIN
  Single Sign-On linkage is possible.
• WEB services that are not on OIN can also be linked by creating new ones yourself.
  (Own web application, etc.)

Just find the application in the search filter and press the Add button

Web portal
There is a portal screen for Okta users, and you can access each resource by clicking the service icon. (Folders can also be divided)

• Go to Applications > Applications screen

• Click Browse App Catalog​

• Enter part of the application name you want to create in the search form and select from the displayed search results
  *In this procedure, Box is selected as an example.

• Click Add​

• Enter any app name in Application label, then click Done​

* The setting screen may differ depending on the OIN template.

• Click the Sign On tab, and in Settings View Setup Instructions click the button
  (Transition to the OIN manual page shown below)

• Since the procedure manual is displayed, confirm that the customer-specific character string including the Okta tenant name etc. to be entered on the SP (application) side is displayed, and proceed with the setting of cooperation with the SP.

• On the Assignments tab, click Assign, then click Assign to People​

• Select users to access this application with Assign​

• Enter the account name used to access this application in the User Name field. Enter other necessary items and click Save and Go Back​ ​*If there is no problem with the default, leave it as it is.

• Click Done to complete user assignment

The icon of the previous application will be displayed on the assigned user's portal screen.

After setting up the linkage, click here to start the SSO connection.

• Transition to Applications > Applications screen

• Click Create App Integration​

• Select SAML2.0 and click Next​
  *For applications that support SAML2.0

• Enter the application name and click Next​

*There is no problem with the default logo, but it is recommended to set it to make it easier to identify.

• Enter application login URL and Entity ID

• Go to the bottom of the page and click Next​

• Select I'm an Okta customer adding an internal app and click Finish​

• Click View Setup instructions on the Sign On tab

• Since the SSO URL and certificate on the Okta side are displayed, setting is completed by reflecting it on the application side

• Metadata can be obtained from Identity Provider metadata on the Sign On tab

• Metadata can be saved in the target file and this data can be reflected in the application

• On the Assignments tab, click Assign, then click Assign to People.

• Select the users to access this application in Assign.

• Enter the account name to be used when accessing with this application in User Name. Then click Save and Go Back​
  *If there is no problem with the default, leave it as it is.

• Click Done to complete user assignment