Configuring Okta for Admin SAML Single Sign-On


Configuring Okta for Admin SAML Single Sign-On

This example illustrates how to configure the Zscaler service as an application in Okta for enabling SAML single sign-on for admins. Refer to the Okta documentation for additional information about the steps in the example.

Prerequisites

Ensure you the following before configuring Okta:

  • Okta account with admin privileges
  • Admin account(s) created for your organization's admin(s). See How do I add admins?

Configuration Steps

To add the Zscaler service as an application, log in to Okta and do the following:

  1. Go the Applications tab and click Add Application.
  2. Enter SAML Service Provider in the Search field, and then click Add.

Configuration Steps

3.  In Add SAML Service Provider, complete the following:

  1. In General Settings, specify the display name for the Zscaler service in Application Label and click Next.

  1. In Sign-On Options, click View Setup Instructions.

  1. From the dialog that opens, download the Identity Provider Certificate by clicking the provided link.

  1. The file downloaded will be named "okta.cert". Rename the certificate to "okta.cer".
  2. In Assign SAML Service Provider to People, enter the admin's name (Person) and email address (Username), and click Done.

The admin can now access the Zscaler admin portal through Okta by clicking on the configured Zscaler application for Admin SAML. See example below.