Team: Huntress Managed Security Awareness Training (SAT)
Product: Huntress SAT SSO (OKTA)
Environment: OKTA / SAT Management Portals
Summary: Setting up Okta for Security Awareness training. This article outlines how to integrate Okta SSO with SAT to provide your learners with a fast and secure way to access the Security Awareness Training platform.
Setting up Okta for SAT
2. From here, navigate to the Access tab and locate the Authentication Type section.
3. Select SAML Single Sign-On’ from the Type dropdown menu. Choose to either enable or disable the Use Metadata URL option
4. With the provided SAML configuration settings, copy the Customer ID from the last string of the Service Provided Single Sign In URL section and save this somewhere to add to your Okta account in a later step. Also download the Encryption Certificate to be upload to Okta as well.
-
- For example: If the URL is https://mycurricula.com/auth/saml/acme, copy acme
6. Depending on if you opted to use the Metadata URL or not in step 3, please follow the appropriate steps from either option A or option B.
Option A: If you enabled Use Metadata URL (recommended)
In the Identity Provider Metadata URL section of the SAT platform, you’ll need to enter the entire Metadata URL provided by Okta.
SAT Portal
Okta Portal
Option B: If you did not enable Use Metadata URL
In the Identity ProviderSingle Sign-on URL section of the SAT platform, you’ll need to enter the entire Single Sign-on URL provided by Okta. This can be found by hitting More details under Metadata details of the Okta portal and copying the details of the Sign on URL to the SAT platform.
SAT Portal
Okta Portal
In the New Identity Provider X.509 Certificate section of the SAT platform, you will also need to enter the entire Signing certificate string provided by Okta also found under the “More details” section.
SAT Portal
Okta Portal
7. After adding the relevant data to each field, be sure to click the purple ‘Update’ button to save your changes.
8. In the Okta Admin dashboard of the SAT platform, under the same Sign On tab as above, you will need to upload the Encryption Certificate provided by SAT using the Upload option in the Encryption Certificate section of the page. This should then allow you to download the certificate again in the future should you need it.
SAT Portal
Okta Portal
9. In the Customer ID section, enter the value you saved in Step 4 in the corresponding field.
SAT Portal
Okta Portal
10. Click Save in the Okta portal to apply all changes. Be sure you have hit Update in the SAT portal to ensure those changes were also applied.
Your Okta SAT integration is now complete!
Other Access Options:
For those who wish to use alternate configuration options, we also support the following methods:
ISP
For those wishing to use this option, access can be granted via the Okta SAT app directly.
SP
For those wishing to use this option, you can access the URL which can be found in the Group settings > Access Tab > Authentication Type > SAML Single Sign-On > Service Provider Sign In URL (assertion).
JIT (Just in Time)
For those wishing to use this option, simply change your enrollment method from Closed to Open. This change can be made in the Group Settings > Access Tab > Enrollment. The open method allows learners to be created automatically in the platform. Licenses will automatically be consumed or added with this method as needed.