Have an Okta account with application creation rights.
Cloudi-Fi administrator account.
SAML module activated in your Cloudi-Fi settings.
1) Get your Cloudi-Fi Company Key
Trust must be established between Cloudi-Fi and Okta to allow authentication.
To set up this trust, you must provide Okta with your Cloudi-Fi Company Key.
In the Cloudi-Fi admin portal, go to Settings and note your Company Key.
2) Okta service configuration
Go to your Okta portal and switch to "Classic UI" mode.
Go to the Application section, and add a new application.
Click on "Create a new Application Integration."
Select SAML 2.0
In the General Settings page:
App name: Cloudi-Fi
and click on Next
In Configure SAML page :
Single sign-on URL: add the Cloudi-Fi SAML URL and replace it with your Cloudi-Fi Company Key
Configure the rest of the fields as described below screenshots :
Once the Cloudi-Fi application is created on Okta, click "View SAML Setup Instructions" to retrieve technical information to be configured on the Cloudi-Fi portal.
Here are needed information:
Identity Provider Single Sign-On URL
Identity Provider Issuer
3) Cloudi-Fi configuration
In the Cloudi-Fi admin portal, go to Settings -> Auth Modes and select SAML.
Fill out the form as described below with details previously retrieved on Okta :
- IdP EntityId = Identity Provider Issuer (Marked 2 in the previous screenshot)
- Binding Method = POST
- IdP Endpoint = Identity Provider Single Sign-On URL (Marked 1 in the previous screenshot)
- Logout Binding Method = POST
- Logout Endpoint =
- IdP Signing Certificate = X.509 Certificate (Marked 3 in the previous screenshot) without "Begin Certificate" and "End certificate" markers
- Email attribute name = mail
Finally, click on Save
Once done, you must activate the SAML authentication on your captive portal.
Please contact our team (How to contact your support? ) to make the necessary changes to your captive portal or consult the articles available in our online help https://help.cloudi-fi.com/