Configuring Okta as an identity provider for Trend Micro Cloud App Security (CAS)

Product / Version includes:

Cloud App SecurityAll

Last updated: 2022/03/18

Solution ID: KA-0012725

Category: Configure

Summary

Okta is a standards-compliant OAuth 2.0 authorization server that provides cloud identity solutions for your organization, and a single sign-on provider that makes it easy to manage access to your Cloud App Security account.

This section describes how to configure Okta as a SAML (2.0) identity provider for Cloud App Security to use.

Prerequisites

Before you begin configuring Okta, make sure that:

You have a valid subscription with Okta that handles the sign-in process and eventually provides the authentication credentials to the Cloud App Security management console.
You are logged on to the management console as a Cloud App Security global administrator. For details, see Administrator and Role.

Setting up SSO using Okta

Log in to your Okta organization as a user with administrative privileges.
Click Admin in the upper-right.

^{Click the image to enlarge.}
Navigate to Applications > Applications, then click Create App Integration.

^{Click the image to enlarge.}
Select SAML 2.0 as the Sign in method, and then click Next.

^{Click the image to enlarge.}
On the General Settings screen, enter "Cloud App Security" in the App name field, and click Next.

^{Click the image to enlarge.}
On the Configure SAML screen, specify the following:
1. Type the Cloud App Security logon URL in Single sign on URL based on your serving site.
  For example, if the URL of your Cloud App Security management console in the address bar is "https://admin.tmcas.trendmicro.com" after logon, type https://admin.tmcas.trendmicro.com/ssoLogin in Single sign on URL.
2. Select Use this for Recipient URL and Destination URL.
3. Specify the Audience URI in Audience URI (SP Entity ID), which is the Cloud App Security logon URL of your serving site.
  For example, if the URL of your Cloud App Security management console in the address bar is "https://admin.tmcas.trendmicro.com" after logon, the Audience URI is https://admin.tmcas.trendmicro.com.
4. Select EmailAddress in Name ID format.
5. Select Okta username in Application username.
6. Click Next.
^{Click the image to enlarge.}
On the Feedback screen, click I'm an Okta customer adding an internal app. Select This is an internal app that we have created, and then click Finish.

^{Click the image to enlarge.}
Click the View Setup Instructions button.

^{Click the image to enlarge.}
Record the URL in Identity Provider Single Sign-On URL and the certificate content in X.509 Certificate.

^{Click the image to enlarge.}
Assign the application to people.

Make sure to add these users as Administrators in the Cloud App Security management console.
1. Select Directory > People.
  
  ^{Click the image to enlarge.}
2. Click the user that you want to assign the application to, and then click Assign Applications.
  
  ^{Click the image to enlarge.}
3. Locate the Cloud App Security you added, and click Assign.
  
  ^{Click the image to enlarge.}
4. Verify the user name and click Save and Go Back.
  
  ^{Click the image to enlarge.}
5. Confirm that the application is assigned to this user.
  
  ^{Click the image to enlarge.}
6. Repeat the above steps to assign the application to more users as necessary.

Was this article helpful?

Featured

Automation Center

Education Portal

Online Help Center

Service Status

TrendConnect

Configuring Okta as an identity provider for Trend Micro Cloud App Security (CAS)

Prerequisites

Setting up SSO using Okta

Configuring Okta as an identity provider for Trend Micro Cloud App Security (CAS)

Product / Version includes:

Summary

Prerequisites

Setting up SSO using Okta