Follow these steps to set up SAML/SSO for Okta after completing the steps in Kolide's SAML / SSO Sign-in document.
Log in to your Okta account.
Select "Applications", click the green button that says "Add Application", and then click "Create New App".
Be sure to make sure the Platform field says "Web", and select the Sign on method to indicate SAML 2.0.
Next, type in "Kolide", or whatever unique identifier you want for the app, into the "App name" field.
If you would like to add a description, may we suggest the following?
Kolide is a user focused security platform which your team uses to inform users
when their device has issues that affect system stability or security
And for a logo, feel free to use this one:
Once you click Next, you will need to copy and paste your unique Kolide SSO URL into the Single sign on URL field, and your Kolide Issuer URL into the Audience URI (SP Entity ID).
Use the dropdown menus to propagate "EmailAddress" in the Name ID format field, and "Email" in the Application username field.
This will take you to an optional Feedback page. You can certainly fill this out, or click "Finish".
This will take you to the new Application page. Click on the "View Setup Instructions".
This will take you to the configuration page, where you will need to copy the unique URLs from into your Kolide setup page.
Item 1 should be pasted in the IDP SSO TARGET URL field, and the "X,509 Certificate" should be copied and pasted into the designated X,509 CERTIFICATE field in Kolide.
Hooray! This is now configured!
But wait. There's one more step!
You now have to go to your Security & Privacy page to enforce SAML / SSO.
Click "Save Changes", which will now make other sign in methods inaccessible.
Your team will see a message in their inbox letting them know of this change.
Now, when your team signs in, they will see this* (*Okta Logo used as an example):
BOOM! Now you're all set! Now get cracking :)