Okta SAML
Before starting, please read about the SAML provider.
This guide will help you to configure the connection between ReportPortal and Okta.
You can use it as high-level steps for reference. To get more information about Okta configuration, read the official documentation.
SAML plugin is available in ReportPortal on the Plugins page.
Requirements
- Okta account
- ReportPortal instance
- Access to the ReportPortal instance and Okta account
- Available connection between Okta and ReportPortal
Configuration Okta
Step 1: Create a new App Integration
Go to the Okta dashboard
Click on the Applications
in the sidebar menu and click on the
Create App Integration
button.
Choose integration type
Pick SAML 2.0
and click Next
.
Fill the general settings
In the App name
field, enter the application's name. Click Next
.
Step 2: Configure SAML
Fill in the SAML settings
In the Single sign-on URL
field, enter the following URL:
https://<host>/uat/saml/sp/SSO/alias/report-portal-sp
In the example below, ReportPortal was deployed on the local machine using the following URL:
http://192.168.49.2/uat/saml/sp/SSO/alias/report-portal-sp
In the Audience URI (SP Entity ID)
field, enter the following identifier:
report.portal.sp.id
You can change this identifier when you deploy ReportPortal. More information about the identifier you can find in the SAML Overview.
In the Name ID format
field, select EmailAddress
. You can use the UNSPECIFIED format as well.
More information about the Name ID format you can find in the SAML Overview.
Fill in the Attribute Statements
Add the following attributes:
user.email
with the valueemail
user.firstName
with the valuefirstName
user.lastName
with the valuelastName
Click Next
.
Provide feedback
In this case, the 'I'm an Okta customer adding an internal app' option was selected, along with the 'This is an internal app that we have created' option in the App type
field.
Click Finish
.
Copy metadata URL
After the App Integration is created, you will see the Settings
tab with the
Sign on methods
section.
Copy the ' Metadata URL ' in the SAML 2.0
section. You will need it to
configure the ReportPortal SAML plugin.
Step 3: Assign users
You can't provision a user from Okta to ReportPortal if you already have a pre-created internal user in ReportPortal with the same email and a different login. Read more about JIT provisioning
You can add a user by clicking on the Assignments
tab and then clicking on
the Assign
button.
In the case above, a user with the email baba_yaga@continental.com doesn't exist in the deployed ReportPortal instance.
ReportPortal configuration
Step 1: Open the SAML plugin
Log-in to the ReportPortal by Admin account and go to the Administrate
-> Plugins
-> SAML
.
Step 2: Add a new integration
Click on the Add integration
button.
Step 3: Fill in the form
Identity provider name ID
In the Identity provider name ID
field, enter the
urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
if you chose the
EmailAddress
format for the Name ID format
in the Okta configuration.
If you choose the UNSPECIFIED
format, keep this field empty.
You can find more information about the Name ID format in the SAML Overview
Provider name
In the Provider name
field, enter any name you want, for example Okta
.
Metadata URL
In the Metadata URL
field, paste the copied Okta metadata URL.
Attribute mapping
You need to map the attributes from the Okta configuration to the ReportPortal.
- Enter the
email
attribute name in the 'Email' field. - In the
First name
field, enter thefirstName
attribute name. - In the
Last name
field, enter thelastName
attribute name.
RP callback URL
In the RP callback URL
field, enter the URL:
https://<host>/uat
In the case below, the following URL was used: http://192.168.49.2/uat
.
Create the integration
After you fill in the form and clicked on the Create
button, you will see the
new integration in the list.
Step 4: Test the integration
Log-out from the ReportPortal and go to login page. You will see the
Login with SAML
button.
Click on the button, and you will be redirected to the Okta login page.
After successful login, SAML plugin will create the user to the ReportPortal
and you can see the user in the Users
section on the Administrate
page.