Skip to Content

Integrate Okta SSO with jumpserver

Note: SAML is an authentication mechanism for web applications. It's based on web protocols and it cannot be used for user authentication over SSH.

1. Login to okta and add Application

     

 

    

2. Select  SAML 2.0 and click Next

       

3. Fill App Name and click next

     

4. Fill the SAML setting 

       

      

       

     Click on Next after providing the Single sign on URL and entity ID in the SAML settings.

5. Check  I'm an Okta customer adding an internal app &  This is an internal app that we have created and click Finish 

  

     On the next page you can see the setup instructions.      

6. You can copy paste the settings found in setup instructions to Ezeelogin GUI > Setting > SAML

Or you can click on the Identity Provider metadata, then it will open a page containing metadata.

Copy the URL of the page and paste it to Metadata URL on Ezeelogin GUI > Settings > SAML Metadata URL and click on the fetch button, it will autofill the SAML settings and Save it.

 

 

7. Select Directory -> People from left panel and select add person to add user in OKTA.
8. Activate and assign user to application by clicking user in people tab. 

9. Change Web panel Authentication to SAML from Ezeelogin GUI > Settings > General >Authentication
10. Enable Auto Create User from Ezeelogin GUI -> Settings -> General -> Security -> Enable Auto Create User

 

You need to add different email address for each users. By default ezeelogin uses email address for creating  users. 

If you want to add an existing user in ezeelogin to SSO, Add the user with exact username, email address  as follows. (Ezeelogin will verify with the email address of the users by default)

 

Saml authentication is not supported for slave  if the URL is IP based.If you want to authenticate  slave using saml you have to use domain name.