Dash Enterprise Administration
4.1.0
4.1.0
  • v4.1.0 Changelog
  • Installation
    • Before you install
    • Dash Enterprise Single Server
      • Installation on cloud provider
      • On-premise installation on own server
      • Fully offline installation
      • VMware Edition installation
    • Dash Enterprise Kubernetes
      • Amazon Web Services resource prerequisites
      • Google Cloud Platform resource prerequisites
      • Microsoft Azure resource prerequisites
  • Configuration
    • Set up your Server Manager
    • Run preflight checks
    • Configure basic settings
    • Authentication settings
      • Built-in local authentication
      • LDAP authentication
      • SAML authentication
    • Dash Enterprise Kubernetes additional required configuration
    • Configure optional settings
    • Other options and customizations
    • Using Snapshots & Backups
    • Running and logging into Dash Enterprise
    • Next steps
  • Advanced Configuration
    • General troubleshooting and problem solving
    • Load balancer configuration
    • Reverse proxy setup instructions
    • Docker storage driver requirements and considerations
    • Import an LDAPS certificate from Active Directory into Dash Enterprise
    • Transfer Dash Enterprise to a new server
    • Sync license changes
    • Change channels for an upgrade
    • Admin panel reference
    • Configure Dash Enterprise to use common SAML IdPs
      • Active Directory Federation Services (AD FS)
      • PingFederate
      • Okta
  • Upgrade
    • Prepare for the upgrade
    • Upgrade
      • Dash Enterprise only instance
      • Dash Enterprise and Chart Studio Enterprise instance
    • After the Upgrade
Powered by GitBook
On this page

Was this helpful?

  1. Advanced Configuration
  2. Configure Dash Enterprise to use common SAML IdPs

Okta

PreviousPingFederateNextPrepare for the upgrade

Last updated 4 years ago

Was this helpful?

1 - Browse to your Server Manager Settings on port 8800 and enable SAML:

1.1 - Select the following options:

  • Use SAML for authentication

  • No IdP metadata is available yet

  • Disable TLS/SSL certificate validation when communicating with the IdP

1.2 - Leave the remaining options as their default values

1.3 - Return to the Dashboard and click Stop, then Start when it becomes available

1.4 - When the app reports ready, return to Settings and copy the SP (local) Metadata URL

  • Ensure that you can browse to this URL before proceeding

2 - Log into your Okta admin portal and configure SAML () with the following changes from the default settings:

2.1 - Single sign on URL (or ACS URL):

2.2 - Audience URI (SP Entity ID): the SP (local) Metadata URL from Step 3d

2.3 - Name ID format: Unspecified

2.4 - Application username: Email prefix

2.5 - Click Next, then on Okta support, answer as follows and complete the wizard:

  • I’m an Okta customer adding an internal app

  • This is an internal app that we have created

3 - In Okta, retrieve the Identity Provider metadata of the app you just created

3.1 - Click the Applications menu and the name of the app

3.2 - Click the Sign On tab and, on that page, right-click on Identity Provider metadata URL and copy the URL

4 - In your Server Manager, go to the Settings and:

4.1 - In the SAML settings section, select Enter a URL to the IdP (remote) metadata

4.2 - In the IdP (remote) Metadata URL field, paste the Identity Provider Metadata from Step 3b

4.3 - Check Enable signed AuthnRequests

4.4 - Check Enable encryption when communicating with the IdP

4.5 - Save the settings, then return to the Dashboard and click Stop, then Start

5 - In Okta, configure the user accounts you want to have access to your Dash app manager

5.1 - Click Directory in the menu bar, then People, and add user accounts:

  • One by one with Add Person; or,

  • In bulk with Import Users from CSV

5.2 - You can create groups and assign users to them in Directory > Groups

6 - In Okta, assign users and groups access to your application

6.1 - Click Applications in the menu bar, then the app you created in Step 2

6.2 - Click the Assignments tab, then either:

  • Assign to People, and click Assign for every individual to have access; or

  • Assign to Groups if you have groups containing the user accounts that should have access to the application

guide
https://dash-your-domain.com/Auth/saml2/acs/