The Okta Identity Cloud provides secure identity management with Single Sign-On, Multi-factor Authentication, Lifecycle Management (Provisioning), and more.
In this tutorial, you will learn how to integrate the webMethods API Portal with Okta. This integration provides you with the following benefits:
To configure Okta integration with webMethods API Portal, you need an Okta subscription. If you don't have an Okta environment, you can get a trial account at https://developer.okta.com/signup/.
A RelayState that contains the tenant ID and the entry URL of the user needs to be passed. Specify the RelayState in the format base64(tenant,url). For example, ZGVmYXVsdCxodHRwOi8vYXBpLmZhemlvLmNvbS8jZGVmYXVsdC9ob21l is base64(default,http://api.fazio.com/#default/home).
Click Finish to create the application.
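The RelayState format described above can be built and checked before it is entered in Okta. This is an added example, not code from the original tutorial or from the API Portal product; the function names and the `allowed_hosts` check are assumptions of the example, used to confirm that the encoded entry URL points at your own portal host.

```python
import base64
import binascii
from urllib.parse import urlsplit

# The sample value and its plaintext are the ones given in the tutorial.
PAGE_EXAMPLE = "ZGVmYXVsdCxodHRwOi8vYXBpLmZhemlvLmNvbS8jZGVmYXVsdC9ob21l"


def build_relay_state(tenant, entry_url):
    """Return base64(tenant,url), the format the tutorial specifies."""
    if not tenant or "," in tenant:
        raise ValueError("tenant must be non-empty and must not contain a comma")
    raw = f"{tenant},{entry_url}".encode("utf-8")
    return base64.b64encode(raw).decode("ascii")


def parse_relay_state(value, allowed_hosts):
    """Decode a RelayState and return (tenant, url).

    allowed_hosts is an assumption of this example: the set of portal
    host names you expect users to land on after sign-in.
    """
    try:
        decoded = base64.b64decode(value, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError) as exc:
        raise ValueError("RelayState is not base64-encoded text") from exc
    # Split on the first comma only, so commas inside the URL survive.
    tenant, sep, url = decoded.partition(",")
    if not sep or not tenant or not url:
        raise ValueError("RelayState must decode to tenant,url")
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise ValueError(f"unexpected scheme in entry URL: {url!r}")
    # hostname excludes userinfo and port, so the comparison is on the real host.
    if parts.hostname not in allowed_hosts:
        raise ValueError(f"entry URL host not allowed: {parts.hostname!r}")
    return tenant, url


if __name__ == "__main__":
    print(parse_relay_state(PAGE_EXAMPLE, {"api.fazio.com"}))
    print(build_relay_state("default", "http://api.fazio.com/#default/home"))
```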
We have now created an application for the integration and provisioned a user for validation. Next, we need to assign the user to the application.
To assign applications from the People page:
Now we need to get the identity provider metadata from Okta to configure the values in the API Portal UMC console. The identity provider metadata is available in the newly created application's Sign-on tab.
Key information to look for in the metadata XML would be
Choose the user attributes section within the SAML configuration in API Portal to map the user's various attributes from the incoming SAML assertion.
We need to enable the dynamic provisioning of users within UMC to automatically create users based on the SAML assertion that the portal receives.
You can configure the default roles to be assigned to a single sign-on user using the configuration below
Now we are done. If you log out from UMC and access the portal home page, you should be redirected to Okta to sign in. Once you sign in to Okta successfully, you will be redirected back to API Portal with a logged-in session.