Learn about the Wavefront Okta Integration.

Okta Integration

Okta is a popular identity management product that can be integrated with Wavefront to enable single sign-on.

Okta Setup

After setting up the Okta integration, users can authenticate to Wavefront through Okta instead of using a password. New users who did not exist in Wavefront are auto-created on the Wavefront side when they authenticate for the first time.

Step 1. Create the Wavefront Application in Okta

Note: Steps 1 - 12 are only required if the Wavefront application is not present in Okta. Otherwise, proceed to step 13 to copy and paste the metadata.

  1. In Okta, click Add Applications.
  2. Click Create New App.
  3. In the Create a New Application dialog, select SAML 2.0 and click Create.
  4. In the App name field, type Wavefront.
  5. Right-click and save the Wavefront logo: images/wavefront_logo_okta.png

  6. In the App logo field, browse to the logo file and click Upload Logo.
  7. Click Next.
  8. Enter the following SAML settings:
    • Single sign on URL - https://YOUR_CLUSTER.wavefront.com/api/saml/login
    • Use this for Recipient URL and Destination URL - Checked
    • Audience URI (SP Entity ID) - https://YOUR_CLUSTER.wavefront.com
    • Default RelayState - <LEAVE BLANK>
    • Name ID Format - EmailAddress
    • Application username - Email
  9. Click Next.
  10. In the Are you customer or partner? field, select I’m an Okta customer adding an internal app.
  11. In the App type field, select This is an internal app that we have created.
  12. Click Finish.
  13. In the application Sign On tab, click View Setup Instructions and click the Identity Provider metadata link to copy and paste the metadata.

    images/okta_metadata_url.png

Step 2. Send the Identity Provider Metadata to Wavefront and Complete the Setup

  1. Log in to your Wavefront instance as a user with SAML IdP Admin permissions.
  2. From the gear icon in the top right corner, select Self Service SAML.
  3. From the Identity Provider drop-down menu, select Okta.
  4. Paste the downloaded metadata from Step 1 into the Configure Connection text box.
  5. To validate the metadata, click Test. The Okta login page opens in a new browser window.
  6. Log in to Okta.
  7. After the login is successful, click the Save button.

    Note: The Save button is disabled until you’ve completed a test successfully.