w w w. e g n y t e. c o m Egnyte Single Sign-On (SSO) Installation for Okta To set up Egnyte so employees can log in using SSO, follow the steps below to configure Okta and Egnyte to work with each other. 1. Set up Okta for Egnyte 2. Configure Egnyte Settings for Okta 3. Import Users into Okta Set up Okta for Egnyte 1. Navigate to the Okta website and log in. Enter the administration view and select the Applications tab. Click Add Application. Figure 1 2. Locate Egnyte and click the Add icon. Figure 2 3. You ll be prompted to enter a few pieces of information. Enter them and select Next. www.egnyte.com 2015 by Egnyte Inc. All rights reserved. Revised September, 2015
Application Label is the label Egnyte will have on your Okta homepage, e.g. Egnyte. Egnyte Sub-Domain is whatever comes before.egnyte.com in your Egnyte domain name. If you log into https://acme.egnyte.com/, you would just type acme here. Application Visibility determines whether your users will see the Egnyte application on the Okta homepage. Select this option. Figure 3 www.egnyte.com 2015 by Egnyte Inc. All rights reserved. 2
4. Select the SAML 2.0 option and then click the SAML 2.0 Setup Instructions for Egnyte. Figure 4 Note the link to SAML 2.0 setup instructions indicated by the red arrow in Figure 4. Click this link and keep the instructions that pop up open in a separate tab. We ll revisit them in a few steps, for now, click Next in the Okta setup wizard. 5. If you ve already set up users in your Okta account, you can choose up to 500 of them to have access to Egnyte at this point. This stage is optional, so if you re just setting up your Okta service, or you have more than 500 users to add, you can skip this and do it later. Either way, click Next to the next screen (Figure 5, which asks you to confirm your user selections) and then click done. www.egnyte.com 2015 by Egnyte Inc. All rights reserved. 3
Figure 5 6. After you click Done, you ll be presented with the Egnyte application s configuration page within Okta. Here, you can change settings and grant users access to Egnyte. First, you ll need to log into your Egnyte account to enable SSO. Configure Egnyte Settings for Okta 1. Log into your Egnyte account through the web browser. 2. Navigate to Settings External Authentication SAML (SSO) www.egnyte.com 2015 by Egnyte Inc. All rights reserved. 4
Figure 6 3. Now you re going to use those instructions you ve been keeping open in a separate tab. They should look like this: Figure 7 4. Check the box Enable SAML (SSO). www.egnyte.com 2015 by Egnyte Inc. All rights reserved. 5
Figure 8 5. Choose Okta from the IdP Name dropdown. 6. Leave the IdP Account Name field blank 7. In the IdP Target URL field, enter whatever appears in the Copy Okta Login URL field (Step 4 of the screen in Figure 7). Note that this is a customer-specific URL, that is, you should NOT just enter the information in the screenshot above. 8. In the IdP Issuer URL field, enter whatever appears in the Copy Okta Entity ID field (Step 5 of the screen in Figure 7). Again, this is a customer specific URL and you should not just enter the information in Figure 1.X. 9. Click the Download Okta Certificate link from the screen depicted in Figure 7. Using Notepad, or a similar program, open the SAML Certification. You should see something like this. www.egnyte.com 2015 by Egnyte Inc. All rights reserved. 6
Figure 9 Copy all of the text between the Begin Certificate and End Certificate. Paste that into the SAML Certificate Field. 10. Click on Save. You ve now configured SSO access via Okta for your Egnyte account, now you just need to import your Okta user list into Egnyte. Import Users into Egnyte 1. Log into Egnyte through the web browser, then navigate to Settings Users & Groups Power Users. 2. Click the Import button. Figure 10 www.egnyte.com 2015 by Egnyte Inc. All rights reserved. 7
3. Download the sample user provisioning CSV file by clicking on the Download Sample File button on the import dialog. Open the downloaded CSV file in Microsoft Excel and fill out the columns with the following values: Figure 11 Here s an example of how it will look: Figure 12 Note: Periods (. ), underscores ( _ ), and hyphens ( - ) can be placed in usernames; however, usernames cannot begin with these symbols, nor can a username end with a period. 4. Save the file, making sure it remains in CSV format. 5. Upload the file to Egnyte by clicking on Browse in the Import User dialog and selecting the file you just saved. 6. Select the checkbox Allow creation of new users if you are using the spreadsheet to create new employee accounts in Egnyte. If your employees already have accounts in Egnyte and you are now allowing them to have SSO access, select Allow update of existing users. When updating www.egnyte.com 2015 by Egnyte Inc. All rights reserved. 8
existing employees, you will need to complete only three columns ( Username, AuthType, and IdPUserID ); the rest can be left blank. 7. Click the button Create Users. 8. Wait for the confirmation email that indicates your user import has completed 9. Test the setup by logging out of your Egnyte account. You should now see a different login page that now includes a single sign-on option on the right. Click the Login button on the right and you should be redirected to your SSO provider. Log in. You should be redirected to your Egnyte domain. www.egnyte.com 2015 by Egnyte Inc. All rights reserved. 9