Recent Searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Okta IdP SSO Integration Guide

            Created by Jason Carreiro, Modified on Wed, 15 Feb 2023 at 04:06 PM by Marc Chouinard

            Scenario:

            Proofpoint Essentials supports integration with Identity Providers for authentication adhering to Security Assertion Markup Language (SAML) standards. Multiple identity providers for an organization are fully supported.

            Proofpoint Essentials supports single sign-on (SSO) via Security Assertion Markup Language. When working with an external IdP, it can be set up as your identity provider (IdP) for SSO to Proofpoint Admin Console.

            Okta SAML/SSO Configuration:

            1. Navigate to Administration > Account Management > Identity Providers.

              clipboard_ed6d9e743a57df22c428e7246e1fecdd6.png

            2. At the top right-hand corner, click Add Identity Provider.

            3. In the New Identity Provider dialog panel, add a meaningful name and description to the Identity Provider. The given name will display on the Identity Provider button on the main login screen.

              clipboard_e2c83480a548465a152f9345d0c18249d.png

            4. In the Icon section, select the appropriate icon according to your desired integration (Okta).

            5. Click Next

            Configuring SAML/SSO In Okta Portal

            1. Log into Okta as administrator.

            2. Select Application > Add a New SAML App - > Create SAML Integration.

              clipboard_ee8e17277d6c5891d51290c38d4cf26a8.png

            3. Give your app a name and select next.

              clipboard_ed80c87978cc63cad3f9051865343dd3e.png

            4. Copy and paste the values from Proofpoint Essentials Identity Provider setup into the following fields.

              Okta

              Proofpoint Essentials

              Single sign on URL

              		Login URL

              Audience URI (SP Entity ID)

              Entity ID

              Single Logout URLLogout URL

            5. Check/Tick Use this for Recipient URL and Destination URL

            6. Change Name ID format to EmailAddress

            7. Change Application username to Email

            8. Under Signature Certificate, add Certificate from Essentials IDP create (Upload file with cert) (For this step, copy the X.509 Certificate value from ProofPoint Portal into a basic text editor and save into ProofPoint.cer (Notepad recommended for Windows users, do not use Word). You might get a 1 day expiry notice at this step, you can ignore the notification and continue.

            9. Click Finish.

            10. Click View SAML setup Instructions

                 clipboard_ed17a47dbdc8df1dcf3dd8a46490f2297.png 

            16. Copy and paste the values into Proofpoint Essentials Identity Provider setup from the Okta SAML setup instructions.

            Microsoft Azure

            Proofpoint Essentials

            Identity Provider Issuer

            Identity Provider Single Sign-On URL

            Identity Provider Single Sign-On URL

            Identity Provider Login URL

            Identity Provider Single logout URL

            Identity Provider Logout URL

            X.509 Certificate

            Identity Provider X.509 Certificate


            clipboard_edaa7411a0f73f3f67f8d984c0421ebec.png

            17. Click Enable Single Sign-On. When enabled, the Identity Provider Sign in with button will display on main login screen.


            18. Click Save and Close.


            19. Finally, ensure users or groups are assigned to the application to enable SSO usage.





            Preview
            0 of 0