Configure SAML using Okta

You can configure SAML using Okta in Cloud Rewind.

Step 1: Create a Cloud Rewind Application

1. Set the Single Sign-On URL to the Cloud Rewind ACS URL.

2. Paste the Entity ID from Cloud Rewind.

3. Configure the below attributes as follows:

   • Name ID Format: Email address

   • Application User Name: OKTA username

   • Update Application Username On: Create and Update

4. Attribute Statement

   • Name: email

   • Name Format: Basic

   • Value: user.email

5. Group Attribute Statements (Optional)

6. Save the configuration.

7. Navigate to Sign-On Settings.

   • Copy the Issuer Value and paste it under Cloud Rewind Entity ID.

   • Paste the Sign-On URL under the Cloud Rewind ACL URL.

   • Download the Certificate, copy the cert value, and paste it into the Cloud Rewind certificate section.

   • Assign desired Roles and click configure.

Step 2: Configure SCIM in Cloud Rewind with Okta

Under Application Provisioning, do the following:

1. Enable the SCIM option.

2. Copy and paste the Base URL from Cloud Rewind.

3. Set the Unique Identifier Field to "email".

4. Enable the following Provisioning Actions:

   • Import New Users and Profile Updates

   • Push New Users

   • Push Profile Updates

5. Choose Authentication Mode as HTTP Header.

6. Generate a token in Cloud Rewind and paste it under HTTP Header Authorization.

7. Save the changes.

8. After saving the SCIM configuration edit, enable the below-listed items:

   • Create Users

   • Update User Attributes

   • Deactivate Users

9. Under Assignments, click "Assign" and select the users.