...

  1. Go to the SAML folder in the Adeptia Connect directory and place this file there.

  2. Enabling SAML in Adeptia Connect 

    1. Log in to the Connect Portal, enable SAML for the application by using the link below, and then restart the Portal microservices.

  3. Assigning and Creating Users in Okta and Adeptia Connect

    1. Then go to Assignment and assign your app to the user (the same user should be created in Adeptia Connect as a Partner User). Roles can also be configured in Okta; Okta sends them to the Adeptia application as attribute details.

<saml2:Attribute Name="Roles" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">

...

  1. If a user has more than one role in the application, then after the redirect to the application the user is given the option to select the role to log in with.

  2. IDP SSO Initiated URL 

    1. After successful integration with Okta, the IDP SSO Initiated URL can also be used to log in to the AIG DEV Adeptia application. Go to the 

...

App Embed Link

...

Reference: 1.  Okta Documentation Link: https://www.okta.com/integrate/documentation/saml/

...

AIG AC4 OKTA SAML SSO Configuration (Internal Configurations)

  1. Go to the portal deployment value.yaml.

  2. Search for the property SAML_SSO_ENABLE and change its value from ‘false’ to ‘true’ to enable SAML SSO in AC4.

  3. Then search for the SAML_SSO_METADATA_GENERATOR_ENTITY_BASE_URL property and change the default value (https://ac-webapp-gateway) to the application URL, for example https://aig-dev.adeptia.com

  4. Then search for the SAML_SSO_IDPS_CONFIGURATION_0_METADATA_LOCATION property and set it to the location of the client IDP metadata XML file:

 file:///shared/SAML/<<client metadata file>>

  1. Add the property below to the portal deployment for OKTA SSO (the value shown is an example value):

          name: SAML_SSO_METADATA_GENERATOR_ENTITY_ID
          value: testing
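A pre-deployment check for the properties set in the steps above, as an added example (not Adeptia's code). The name/value layout of the constructed sample, the function names, and the choice to flag the example entity ID are assumptions.

```python
import re
from urllib.parse import urlparse

DEFAULT_BASE_URL = "https://ac-webapp-gateway"  # default value named on this page
EXAMPLE_ENTITY_ID = "testing"                   # example value shown on this page

# Constructed sample; the real layout of value.yaml is an assumption.
SAMPLE = """\
- name: SAML_SSO_ENABLE
  value: "true"
- name: SAML_SSO_METADATA_GENERATOR_ENTITY_BASE_URL
  value: https://ac-webapp-gateway
- name: SAML_SSO_IDPS_CONFIGURATION_0_METADATA_LOCATION
  value: file:///shared/SAML/idp-metadata.xml
- name: SAML_SSO_METADATA_GENERATOR_ENTITY_ID
  value: testing
"""

# A "name:" line followed by a "value:" line, with optional quotes around the value.
PAIR = re.compile(r'''name:\s*(\S+)\s*\n\s*value:\s*["']?([^"'\n#]*)''')

def read_settings(text):
    """Collect the name/value pairs whose name starts with SAML_SSO_."""
    return {n: v.strip() for n, v in PAIR.findall(text) if n.startswith("SAML_SSO_")}

def check_saml_settings(text):
    """Return a list of findings; an empty list means every check passed."""
    s, findings = read_settings(text), []
    if s.get("SAML_SSO_ENABLE", "").lower() != "true":
        findings.append("SAML_SSO_ENABLE is not 'true'")
    base = s.get("SAML_SSO_METADATA_GENERATOR_ENTITY_BASE_URL", "")
    if base.rstrip("/") == DEFAULT_BASE_URL:
        findings.append("entity base URL is still the default")
    elif urlparse(base).scheme != "https" or not urlparse(base).hostname:
        findings.append("entity base URL is not an https application URL")
    loc = s.get("SAML_SSO_IDPS_CONFIGURATION_0_METADATA_LOCATION", "")
    path = urlparse(loc).path
    if not loc.startswith("file:///shared/SAML/") or ".." in path.split("/") or path.endswith("/"):
        findings.append("IdP metadata location is not a file under /shared/SAML/")
    entity = s.get("SAML_SSO_METADATA_GENERATOR_ENTITY_ID", "")
    if not entity:
        findings.append("SAML_SSO_METADATA_GENERATOR_ENTITY_ID is missing")
    elif entity == EXAMPLE_ENTITY_ID:
        findings.append("entity ID is still the page's example value")
    return findings

if __name__ == "__main__":
    for finding in check_saml_settings(SAMPLE):
        print("FINDING:", finding)
```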

...

  1. Import the client Okta certificate (.cer) into the Adeptia truststore (cacerts) file (optional).

  2. You can download the AIG-DEV application metadata by using the following link: <protocol_name>://<ip_address>:<port_number>/saml2/service-provider-metadata/<registration_Id>

For example: https://aig-dev.adeptia.com/saml2/service-provider-metadata/default

  1. “We successfully logged into the application with custom roles configured in Okta, but role switching is disabled when using a custom bean class and enabled when using the default bean class.” To enable role switching in this case, apply the solution below.

Solution: When the property SAML_SSO_ROLE_SWITCHING_ENABLE is set to true, the switch-role functionality is also available after successfully logging in to the AIG application with a custom role.