Okta SSO

1. Generate a Certificate in CloudWisdom

  1. Navigate to Account Profile > SSO.
  2. Click Generate. generate
  3. Copy the generated certificate and use it to create a .cert file.
  4. Click Continue. Keep this tab open and open a new tab; you must now go to your SSO provider and upload the certificate. Each provider will be slightly different.
  1. Log into Okta as an administrator and navigate to Applications.
  2. Click Add Application.
  3. Click Create New App.
  4. Select Web in the Platform dropdown and then choose SAML 2.0; click Create.
  5. Type an App name and upload a logo (if desired). Leave the App visibility options as they are.
  6. Click Next.
  7. For the Single Sign On URL, use https://app.metricly.com/saml/SSO and leave Use this for Recipient URL and Destination URL checkmarked.
  8. For the Audience URI (SP Entity ID), use netuitive-api.
  9. For Name ID format, select EmailAddress. Leave Application username as the default, and click Show Advanced Settings.
  10. Under the Advanced Settings:
    • Select Encrypted for Assertion Encryption.
    • Upload the certificate you received in Step 1 for the Encryption Certificate setting.
    • Change Authentication context class to X.509 Certificate.
  11. Under the Attribute Statements section:
    • In the first default blank attribute, type firstName in the Name field and user.firstName into the Value field.
    • Click Add Another.
    • In the first default blank attribute, type lastName in the Name field and user.lastName into the Value field.
    • Click Add Another.
    • In the first default blank attribute, type email in the Name field and user.email into the Value field.
    • Click Add Another.
    • In the first default blank attribute, type role in the Name field and user.role into the Value field user.role must be entered manually and does not appear in the dropdown.
    • CloudWisdom requires administrator access for creating and editing data. To grant administrator privileges enter user.isMemberOfGroupName("OurAdminGroup") ? 'Administrator' : null as your role value and replace OurAdminGroup with your group for CloudWisdom Administrators. add-attributes
  12. Click Next.
  13. Click Finish.
  14. Click View Setup Instructions in your app.
  15. Click Download Certificate (this is your public key)
  16. Copy and save the metadata as an XML file. This is under Optional in Okta. optional-metadata

Add your tenant name to the Default Relay State field if you do not want to enter it when logging into CloudWisdom from Okta. Your tenant name is the company name you used when you signed up for a CloudWisdom account. Contact support if you do not know your tenant name. default-relay-state

3. Finish SSO Set-up in CloudWisdom

  1. Upload the certificate (public key) from Okta.
  2. Upload the metadata.xml file from Okta. upload-metadata-xml
  3. When finished, it should look like this: setup-complete

Login URLs

  • login URL: https://us.cloudwisdom.virtana.com/#/login?sso=true
  • login URL (tenant name pre populated): https://us.cloudwisdom.virtana.com/#/login?sso=true&tenantName=Your+Tenant+Name