Integrating with Okta

Okta doesn't provide automatic setup of SAML applications by uploading the Service Provider metadata. This small tutorial guides you through the necessary steps to get Instana integrated with Okta as a SAML app.

Prerequisites

After SAML is activated for a tenant, you have no other way to log in to Instana. The SAML configuration can be deleted through the API by using a token with sufficient permissions.

  • You require administrator privileges in Okta.
  • Open the SAML configuration page in Instana; you need to copy and paste some values between that page and Okta.

SAML

Creating the SAML app in Okta

  1. From the list in the Okta UI, select the application perspective.

    Okta SAML Application

  2. Click Add Application.

    Okta add SAML Application

  3. To open the wizard, click Create Application.

    Okta create SAML Application

  4. You are going to create a SAML 2.0 application, so select SAML 2.0 from the dropdown list.

    Okta Wizard page 1

  5. Name the application. In this example, it is named Instana.

    Okta Wizard page 2

  6. Copy the ACS URL from the Instana-SAML setup page, and put it in Single sign on URL.

  7. Change Name ID Format to EmailAddress.

  8. Change Application username to Email.

    Okta Wizard page 3

That's it. The final page gives you an overview of the SAML application that you just created.

In this page, you can now download the Identity Provider metadata.

To activate the SAML integration, you need to store the Identity Provider metadata locally, switch to the Instana-SAML setup page and upload the file.

Okta Wizard page 4

Adding users to Instana

With SAML enabled, this is the only way for your users to access Instana.

To enable a user, the SAML app must be assigned to that user.

Open the application overview in Okta, and select the option to assign a user from the dropdown list.

Make sure that every user has an associated email address.

Each new user can receive the default role during their first login.

Okta add user