
Configuring Okta as SAML (2.0) identity provider for Deep Discovery Inspector (DDI)

    • Updated: 6 Apr 2021
    • Product/Version: Deep Discovery Inspector All
Summary
This article describes how to configure Okta as a SAML 2.0 identity provider for Deep Discovery Inspector (DDI).
Details
  1. Log in to your Okta account.
  2. Navigate to Applications > Applications > Add Application.

  3. Click Create New App.

    The Create a New Application Integration window appears.

    1. Select the following options for the corresponding fields:
      • Platform: Web
      • Sign on method: SAML 2.0
    2. Click Create.

  4. In the App name field, enter any name. For this example, we used DDI test. Click Next.

  5. On your DDI console, go to Administration > Integrated Products/Services > SAML Authentication > Service Provider and copy the Entity ID and Single Sign On URL.

  6. Go back to your Okta account. In the Create SAML Integration window, enter the following information:

    • Single sign on URL: enter the Single Sign On URL from step 5
    • Audience URI (SP Entity ID): enter the Entity ID from step 5
    • Name ID format: select EmailAddress

  7. In the Group Attribute Statements window, enter the following:
    • Name: DDI_GROUP
    • Filter: Matches regex, ^(.*)*$

    The regex matches any group name, so every group the user belongs to is included in DDI_GROUP. Click Next to complete the creation.

  8. Navigate to Application > Your Application > Assignments.

  9. To create a group, click Assign > Assign to Groups.

    For this example, Everyone is selected. Click Assign, then click Done.

  10. Check the People tab; your account is added automatically.

  11. Navigate to Application > Your Application > Sign On tab.
  12. Click the Identity Provider metadata link to download the metadata, and save the XML file.

  13. Navigate to DDI > Administration > Integrated Products/Services > SAML Authentication > Identity provider, then click Add.

    The Add Identity Provider window appears.

  14. Enter the Service Name and click Select to upload the Okta Identity Provider metadata. Click Save.

  15. Navigate to Administration > Accounts > SAML tab, then click Add.

    Claim Value must be the exact word you use as the group name in Okta (refer to step 9).

  16. Test your Okta login. The application that you created should appear right after you log in to your Okta account.

  17. After you click the application, it should redirect you to your DDI console without prompting for a username or password. Verify that you are using your Okta account on the DDI console.
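
If the redirect in step 17 fails, the usual causes are the settings from steps 6, 7 and 15. The following troubleshooting check is an added example, not Trend Micro or Okta code. It assumes you captured the base64 SAMLResponse form field from the browser, that DDI compares the claim value case-sensitively, and that the hypothetical names (check_response, the example.com values) stand in for your own:

```python
import base64
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
EMAIL_FORMAT = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"

# Constructed sample: an unsigned, trimmed SAML response shaped like what the
# Okta app configured above would send. All values are placeholders.
SAMPLE_XML = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Assertion>
    <saml:Subject>
      <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">admin@example.com</saml:NameID>
    </saml:Subject>
    <saml:Conditions>
      <saml:AudienceRestriction>
        <saml:Audience>https://ddi.example.com/sp-entity-id</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AttributeStatement>
      <saml:Attribute Name="DDI_GROUP">
        <saml:AttributeValue>Everyone</saml:AttributeValue>
        <saml:AttributeValue>Finance</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>"""
SAMPLE_B64 = base64.b64encode(SAMPLE_XML.encode()).decode()

def check_response(b64_response, sp_entity_id, claim_value, attr="DDI_GROUP"):
    """Return a list of problems found in a base64 SAMLResponse (empty = OK).

    Diagnostic only: the signature is NOT verified, so never use this to
    decide whether a login should be accepted."""
    root = ET.fromstring(base64.b64decode(b64_response))
    problems = []
    name_id = root.find(".//saml:Subject/saml:NameID", NS)
    if name_id is None or name_id.get("Format") != EMAIL_FORMAT:
        problems.append("NameID format is not EmailAddress (step 6)")
    audiences = [a.text for a in root.iterfind(".//saml:Audience", NS)]
    if sp_entity_id not in audiences:
        problems.append(f"Audience {audiences} does not contain the SP Entity ID")
    xpath = f".//saml:Attribute[@Name='{attr}']/saml:AttributeValue"
    groups = [v.text for v in root.iterfind(xpath, NS)]
    if claim_value not in groups:  # exact, case-sensitive match (assumption)
        problems.append(f"{attr} values {groups} do not include {claim_value!r}")
    return problems
```

The sample also shows the effect of the step 7 filter: both of the user's groups appear in DDI_GROUP, not only the one mapped in step 15.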

Category: Configure
Solution Id: 000286185