Configuring SAML
Prerequisites
A Pulse-IT server running over HTTPS.
An Okta account
An internet connection
Open the Okta admin platform
Register your application inside Okta Admin
Preparing the server
Install the xmlsec1 package.
dnf install xmlsec1
Create an sso_files directory.
cd
mkdir sso_files
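Generate an X.509 certificate using the openssl command. The -nodes option leaves private.key unencrypted, so access to the sso_files directory should be restricted.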
cd sso_files
openssl req -nodes -new -x509 -newkey rsa:2048 -days 3650 -keyout private.key -out public.cert
Add a volume mapping to compose-local.yml.
Edit the [install_dir]/compose-local.yml file to add the sso_files directory:
services:
  app:
    volumes:
      - /mnt/sharing1:/app/sharing1
      - /home/[user]/sso_files:/app/sso_files
Copy the XML metadata.
Go to the Okta administration console and select:
> Applications
> [Your app]
> Sign-on tab
> View SAML setup instructions button
> Provide the following IDP metadata to your SP provider value
Copy the XML field, save it in the sso_files directory, and name it okta_metadata.xml.
Edit the .local.env file
Open the .local.env file in your Pulse-IT installer folder and add these lines:
SAML_ENABLED=True
SAML_HOST=https://pulse-it-40
SAML_XMLSEC_BINARY_PATH=/usr/bin/xmlsec1
SAML_METADATA_PATH=/app/sso_files/okta_metadata.xml
SAML_KEY_FILE=/app/sso_files/private.key
SAML_CERT_FILE=/app/sso_files/public.cert
where:
SAML_HOST is the URL of your Pulse-IT server.
SAML_METADATA_PATH contains one or several paths to XML metadata files.
SAML_KEY_FILE is the locally installed .key file.
SAML_CERT_FILE is the locally installed .cert file.
Restart the server
./embrace-app.sh --restart