Skip to main content
Druva Documentation

How to configure SSO for Druva Cloud Platform using Okta as IdP

This article applies to:

  • Product edition: inSync Cloud and Phoenix using Druva Cloud Platform (DCP)

 

 

  • Only a Druva Cloud administrator can set up Single Sign-on. 
  • Configure Single Sign-on based on the applicable scenarios:
    • New Druva customers that is; Phoenix customers on-boarded after 02 July 2018 and inSync customers on-boarded after 14 July 2018 must refer to the instructions given in this article. 
    • Existing Phoenix and inSync customers who already have configured Single Sign-on, must continue to use the existing Single Sign-on settings of Phoenix and the Single Sign-on settings of inSync as applicable.

 

Overview

This article provides the steps to configure SSO for Druva Cloud Platform (DCP) using Okta as IdP.

The configuration is performed in the following order:

  1. Configure the Druva application on Okta
  2. Enable SSO for inSync and Phoenix Administrators
  3. Enable SSO for the users

Configure the Druva application on Okta

  1. Login to Okta admin console using your Okta admin credentials.
  2. On the menu bar, click Applications > Applications.

    OktaAppMenu.png
  3. Click Add Application.

    OktaAddApplication.png
     
  4. Search and add  Druva 2.0 application.

    OktaSearchAdd.png
  5. Click Done. A new application gets created.

    OktaNewApp.png
  6. Open the Sign On tab and click Edit.

    OktaEditApp.png
  7. Click View Setup Instructions and follow all the eight Configuration Steps mentioned in the setup instructions.

    OktaViewSetupInstructions.png
  8. After all eight steps are complete, click Save on the Okta admin console.
  9. Open the Assignments tab and assign this application to the intended Okta users.

    OktaAssignmentsTab.png

Enable SSO for inSync and Phoenix Administrators

  1. Login to the DCP console and go to Settings.

    DCPSettings.png
  2. On Single Sign-On Settings, click Edit. The Edit Single Sign-On Settings page opens.

     
  3. Select the Enable Single-On for Administrators. Failsafe for Administrators is enabled by default.
    Druva recommends to enable Failsafe for Administrators so that they have to access the DCP console in case of any failures in IdP (ADFS). It also enables the admins to use both SSO and DCP password to access the DCP console.

    DCPEditSSOSet.png
     
  4. Click Save.

This enables the access to DCP using SSO.

Enable SSO for the users

To enable SSO for users, enable SSO for an existing user profile. Alternatively, create a new profile and enable SSO for this profile. Subsequently, assign the users to this profile to enable access using SSO.

To enable SSO for users, either enable SSO for an existing user profile or create a new profile and enable SSO for the new profile. Subsequently, assign the users to the profile enabled with SSO, as indicated below:

To enable SSO for users:

  1.  Login to the inSync Management Console and either create a new profile or update an existing one. Refer Create a profile or Update a profile section for the steps.
  2. Assign users to the profile with SSO enabled. Refer Update the profile assigned to users section for the steps.