Skip to main content

SAML with Okta

This guide walks you through configuring SAML 2.0 SSO between Okta and NetActuate.

Prerequisites

  • Admin access to your Okta organization
  • Admin access to the NetActuate portal
  • A verified domain in your NetActuate account

Step 1: Create a New Application in Okta

  1. Log in to the Okta Admin Console.
  2. Navigate to Applications → Applications → Create App Integration.
  3. Select SAML 2.0 and click Next.
  4. Enter an application name (e.g., "NetActuate") and click Next.

Step 2: Configure SAML Settings in Okta

Enter the following values in the SAML settings:

FieldValue
Single Sign-On URLhttps://portal.netactuate.com/saml/acs
Audience URI (SP Entity ID)https://portal.netactuate.com/saml/metadata
Name ID FormatEmailAddress
Application UsernameEmail

Step 3: Configure SAML Attribute Statements

Add the following attribute mappings:

NameName FormatValue
emailUnspecifieduser.email
firstNameUnspecifieduser.firstName
lastNameUnspecifieduser.lastName

Note: The attribute names must match exactly as shown above. NetActuate uses these attributes to identify and provision users.

Step 4: Complete Okta Setup

  1. Click Next to proceed to the feedback step.
  2. Select "I'm an Okta customer adding an internal app" and click Finish.
  3. On the application page, click the Sign On tab.
  4. Under SAML Signing Certificates, click Actions → View IdP metadata for the active certificate.
  5. Copy the metadata URL or download the metadata XML file.

Step 5: Configure NetActuate

  1. Log in to the NetActuate portal.
  2. Navigate to Account → Settings → SAML.
  3. Enter the IdP metadata URL or upload the metadata XML file from Okta.
  4. Click Save.

Step 6: Assign Users in Okta

  1. In the Okta Admin Console, go to the NetActuate application.
  2. Click the Assignments tab.
  3. Assign the application to users or groups who need access.

Step 7: Test the Integration

  1. Open a new incognito/private browser window.
  2. Navigate to the NetActuate portal login page.
  3. Select SSO Login and enter your corporate email address.
  4. Verify that you are redirected to Okta and can authenticate successfully.

Note: If authentication fails, verify that the user is assigned to the application in Okta and that the attribute mappings are correct.

Troubleshooting

  • "User not found" error: Ensure the user's email in Okta matches their NetActuate account email.
  • Certificate errors: Verify the IdP metadata URL is accessible and the certificate has not expired.
  • Redirect loop: Confirm the Single Sign-On URL and Audience URI are entered correctly in Okta.

Need Help?

If you run into issues, contact NetActuate Support.