Customer Actions

You need to do the following actions if OKTA, Azure, and Ping Identity are configured as identity providers (IDPs) in IBM webMethods iPaaS under the Single sign-on tab on the Administration page.

Contact IBM® Support if any external IDPs other than OKTA, Azure, and Ping Identity are configured in IBM webMethods iPaaS.

Note:

The customer actions for the domain name change support the new domain platform.ipaas.ibm.com along with the existing softwareag.cloud domain and ensure that everything continues to work as it is.
After you change the domain names for the identity providers using the steps, the Login URL on the Single sign-on page in IBM webMethods iPaaS still shows the softwareag.cloud domain, which is the intended behavior.

Domain name change

OKTA

Update the single sign-on URLs, if OKTA is configured to connect to IBM webMethods iPaaS as the SAML Identity Provider.

Log in to the Okta Admin console.
Go to Applications and locate and select the configured SAML application for your tenant.
Go to the Configure SAML tab.
Click Edit, then click Next and go to the Show Advanced Settings under the general section on the SAML Settings page.
Go to the Other Requestable SSO URLs field and click the Add Another option for the URL.
Update the URL field in the following format:
https://idm-<region>.platform.ipaas.ibm.com/auth/realms/<realmName>/broker/okta_sso/endpoint.

For more information, see Example of Configuring OKTA to Connect to Software AG Cloud as the SAML Identity Provider.

Azure

Update the single sign-on URLs, if Azure is configured to connect to IBM webMethods iPaaS.

Log in to the Azure AD Portal.
Locate the configured application for your tenant under Enterprise Applications.
Click the Get started link on the second tile on the Set up Single sign on page.
Click Edit in Basic SAML Configuration.
Click Add identifier and enter the URL:
https://idm-<region>.platform.ipaas.ibm.com/auth/realms/<realmName>.

For more information, see Configure Azure Active Directory as an Identity Provider in Software AG Cloud for Single sign-on.

Ping Identity

Update the single sign-on URLs, if Ping Identity is configured to connect to IBM webMethods iPaaS as the SAML Identity Provider.

Log in to Ping account and go to the application.
Create an application by following the steps in Configuring Ping Identity as an Identity Provider in Software AG Cloud for Single sign-on.
Note: Replace the hostname with https://idm-<region>.platform.ipaas.ibm.com/ in the SAML configuration wizard under the settings for webMethods iPaaS, during the set up of a new SAML application.