OKTA^®

The goal of the integration between OKTA and Fortra VM is to allow single sign-on capabilities using OKTA as the third party authentication service.

To integrate with OKTA, perform the following steps (see below for detailed instructions):

1. Configure single sign-on in Fortra VM.
2. Create a SAML 2.0 integration application on your OKTA account.
3. Complete configuration of your Fortra VM account using the information provided by OKTA.
4. Add users to your SAML 2.0 integration application.

Configure Single Sign-on in Fortra VM

The following instructions describe how to configure single sign-on in Fortra VM. You will need information from this configuration to create a SAML 2.0 integration application on your OKTA account.

1. Log in to Fortra VM.
2. From the navigation menu, select System > Settings.
3. Select the Single Sign-on tab. You are now on the Single Sign-on Configuration page.




NOTE: If you do not see the Single sign-on tab, it has not been enabled. Call Technical Support for assistance.
• In the Name field, enter a name of your choice for the configuration, such as <companyname>OKTASSO.

• In the Sub domain field, enter a sub domain name of your choice, such as your company name, with no spaces. This will generate the Single Sign-on URL and Metadata URL on the right side of the screen. You need this information to create the SAML 2.0 integration application on your OKTA account.

  

4. Leave the Single Sign-on Configuration page in Fortra VM open and continue with the next step.

Create a SAML 2.0 Integration Application

The following instructions describe how to create your OKTA SAML 2.0 integration application for use with Fortra VM Single Sign-on. You will need information from this set up to complete the configuration process in Fortra VM.

With the Single Sign-on Configuration page still open in Fortra VM, open up a new browser tab or window, and log in to your company’s OKTA account (usually <companyname>.OKTA.com).

1. Select the Admin button to the top right to reach the Dashboard page.



2. In the upper left corner open the drop down menu that reads Developer Console and select Classic UI.



3. From the upper menu bar, select Applications > Applications.



4. Select the Add Application button on the Applications page.



5. The Add Application page opens. Select Create New App.



6. The Add Application Integration dialog box will open.
   
   
   • Select Web for Platform
   • Select SAML 2.0 for Sign on method.
   • Select the Create button.
7. You are now on the General Settings tab of the Create SAML Integration page.
   
   
   • In the App Name field, enter a name of your choice, such as Fortra VM SSO.
   • You can leave the default selections for App Logo and App visibility, or supply a logo and toggle app visibility.
   • Select Next.
   
   
8. You are now on the Configure SAML tab of the Create SAML Integration page.
   
   
   • Copy the following information from the open Fortra VM window to OKTA:
     

   Fortra VM Field Value		OKTA Field Value
   Single Sign-on URL		Sign-On URL
   Metadata URL		Audience URI (SP Entity ID)

   • For Use this for Recipient URL and Destination URL, leave the check-box selected .
   • For Allow this app to request other SSO URLs, leave the check-box unselected .
   • Leave the Default Relay State field empty.
   • For Name ID format, select Email Address.
   • For Application Username, select OKTA username.
   • Leave the remaining fields blank.
   • Select Next.
     



9. You are now on the Feedback tab of the Create SAML Integration page.
   
   
   • Select I’m an Okta customer adding an internal app.
   • Leave the remaining fields blank.
   • Select Finish at the bottom of the page.
   
   
10. You are now on your new application’s Sign On Settings page.
    
    

    Select View Setup Instructions.

11. The How to Configure SAML 2.0 page will open in a new browser window.



12. Leave this window open and continue with the next step.

Complete Fortra VM Single Sign-on Configuration

The following instructions describe how to copy the OKTA server information and token-signing certificate to Fortra VM.

1. Copy the following information from the OKTA window you left open to Fortra VM fields:

OKTA Field Value		Fortra VM Field Value
1. Identity Provider Single Sign-On URL		Log in URL and Log out URL
2. Identity Provider Issuer		Trust Identify URL
3. X.509 Certificate		Certificate

2. On the Fortra VMConfigure Single Sign-on page, select Save.
3. From the navigation menu, select System > Users & Roles.
4. From the users list, select the user account that will utilize single sign-on.
5. You are now on General tab of the user account.
   
   In the User Information section, toggle Use single sign-on to ON.
   • Select Save. You will need to do this for each user account that will be utilizing single sign-on. Fortra VM is now configured for OKTA integration.

6. Close Fortra VM and continue with next step.

Add Users to the SAML 2.0 Integration App

The following instructions describe how to add users to your SAML 2.0 integration application so they may access Fortra VM via their OKTA single sign-on account.

If you have not already done so, log in to your company’s OKTA account (usually <companyname>.OKTA.com).

1. Select the Admin button to the top right to reach the Dashboard page.
2. Select Applications from the top navigation menu.
3. Select the SAML 2.0 application you just created to open the application settings.
4. Select the Assignments tab.

From here, you can assign individual users or groups to the SAML 2.0 application. Once assigned, OKTA is now configured to allow authentication to your company’s assigned Fortra VM sub-domain using your OKTA credentials.