Configuring Single Sign-On (SSO) using SAML 2.0 for Okta9 minutes to read
ManageEngine PAM360 offers support for SAML 2.0, which facilitates integration with Federated Identity Management Solutions for Single Sign-On. PAM360 acts as the Service Provider (SP) and it integrates with Identity Providers (IdP) using SAML 2.0. The integration basically involves supplying details about SP to IdP and vice-versa. Once you integrate PAM360 with an IdP, the users have to just login to IdP and then, they can automatically login to PAM360 from the respective identity provider's GUI without having to provide credentials again. PAM360 supports out-of-the-box integration with Okta. Note: PAM360 allows users to configure SAML SSO for Secondary server as a service provider, which allows users to log in to PAM360 using the Secondary server when Primary is down. Integrating PAM360 with Okta involves the following four steps: 1. Adding PAM360 as an Application on the Okta Dashboard
2. Configuring Okta Details in PAM360You need to configure IdP details in PAM360. This is done as part of the second step, Configure Identity Provider Details in PAM360's SAML Single Sign On page. Here, you have the option either to enter the details manually or auto-fill the same by supplying the metadata file from the IdP.
3. Assigning PAM360 Application to Users in OktaAfter completing the configurations in PAM360, return to the Okta portal to assign the newly added application to your users. To do so:
4. Enabling SAML Sign-On in PAM360The final step of this configuration is enabling SAML Single Sign On in PAM360. This would be shown as the 4th step in the SAML page in PAM360 GUI. Click Enable Now shown at the bottom right to begin using this feature. Note: In case Active Directory authentication is enabled for PAM360 login, SAML SSO cannot be enabled. To disable AD authentication, go to Admin >> Active Directory. | |
[Webinar] Weave privileged access security into your org-wide ITSM workflows. Register now