This article applies to Phoenix GovCloud (https://govphoenix.druva.com/)
Configure the app for Phoenix GovCloud in Okta
- Login to the Okta console using the configured URL. (The URL format resembles https://company-configured-name.okta.com.)
- Click Admin and on the admin screen click Add Application > Create New App. The Create a New Application Integration window is displayed.
- Select the SAML 2.0 option and click Create.
- On the General Settings tab, enter the name of the new app against App name. For example, you can enter Druva Phoenix-GovCloud.
- Optionally, you can also upload a logo.
- Click Next.
- Enter following on Configure SAML tab:
Single sign-on URL: https://govphoenix.druva.com/wrsaml/consume
Audience URI (SP Entity ID): druva-phoenix
Default Relay State: adminlogin
Name ID format: Select email address from the drop-down
Application username: Select eEmail from the drop-down
- Enter the following values under Attribute Statement:
Value: Copy the token from Phoenix-GovCloud Admin Console and paste it here. Refer article Generate SSO token.
- Click Next.
- When asked Are you a customer or partner?, select I'm a software vendor. I'd like to integrate my app with Okta and click Finish.
- Click View Setup Instructions on the next screen. A new page is displayed.
- From the new page, copy the values for Identity Provider Single Sign-On URL and X.509 Certificate to a notepad for later use and close the page.
- Click the Assignments tab in the SSO application created earlier and assign the People/Groups as required.
Configure settings in Phoenix-GovCloud to use Okta as IdP
- Login to Phoenix GovCloud (https://govphoenix.druva.com/admin/).
- Click Settings > Single Sign-On tab.
- Click Edit on the Single sign-on configuration page.
- Enter the values copied to the notepad from Okta page as shown below:
- From the values copied from Okta to the notepad earlier, enter the values as follows:
Identity Provider Single Sign-On URL: ID Provider Login URL
X.509 Certificate: ID Provider Certificate
- Click Save and click Edit under Single sign-on settings.
- Enable Single sign-on for Admins
- If this is a first-time configuration, Druva recommends you to enable Allow Failsafe access to cloud admins.
- Click Save .
When you login to Phoenix GovCloud Management Console next time, directly enter your administrator's email ID without the password. The page must redirect to the Okta page. After a successful authentication from Okta, you will get admin access to the Phoenix GovCloud Management Console.