Skip to main content

 

Druva Documentation

How to Configure Phoenix-GovCloud SSO using Okta as IdP?

This article applies to Phoenix GovCloud (https://govphoenix.druva.com/)

Configure the app for Phoenix GovCloud in Okta

  1. Login to the Okta console using the configured URL. (The URL format resembles https://company-configured-name.okta.com.)
  2. Click Admin and on the admin screen click Add Application > Create New App. The Create a New Application Integration window is displayed.
  3. Select the SAML 2.0 option and click Create.
  4. On the General Settings tab, enter the name of the new app against App name. For example, you can enter Druva Phoenix-GovCloud.
  5. Optionally, you can also upload a logo.
  6. Click Next.
  7. Enter following on Configure SAML tab:
    Single sign-on URL: https://govphoenix.druva.com/wrsaml/consume
    Audience URI (SP Entity ID): druva-phoenix
    Default Relay State: adminlogin
    Name ID format: Select email address  from the drop-down
    Application username: Select eEmail from  the drop-down

    ConfigureSAMLtab.png
  8. Enter the following values under Attribute Statement:
    Name: phoenix_auth_token
    Value: Copy the token from Phoenix-GovCloud Admin Console and paste it here. Refer article Generate SSO token.
  9. Click Next.
  10. When asked Are you a customer or partner?, select I'm a software vendor. I'd like to integrate my app with Okta and click Finish.
  11. Click View Setup Instructions on the next screen. A new page is displayed.
  12. From the new page, copy the values for Identity Provider Single Sign-On URL and X.509 Certificate to a notepad for later use and close the page.
  13. Click the Assignments tab in the SSO application created earlier and assign the People/Groups as required.

Configure settings in Phoenix-GovCloud to use Okta as IdP

  1. Login to Phoenix GovCloud (https://govphoenix.druva.com/admin/). 
  2. Click Settings > Single Sign-On tab.
  3. Click Edit on the Single sign-on configuration page.
  4. Enter the values copied to the notepad from Okta page as shown below:
  5. From the values copied from Okta to the notepad earlier, enter the values as follows:
    Identity Provider Single Sign-On URL: ID Provider Login URL
    X.509 Certificate: ID Provider Certificate

    EditSSOConfig.png
  6. Click Save and click Edit under Single sign-on settings.
  7. Enable Single sign-on for Admins
  8. If this is a first-time configuration, Druva recommends you to enable Allow Failsafe access to cloud admins.
  9. Click Save .
    When you login to Phoenix GovCloud Management Console next time, directly enter your administrator's email ID without the password. The page must redirect to the Okta page. After a successful authentication from Okta, you will get admin access to the Phoenix GovCloud Management Console.