This article applies to inSync GovCloud (https://govcloud.druva.com).
Configure inSync GovCloud SSO for admins using Okta as IdP
This configuration is performed the following order:
- Configure the app for inSync GovCloud in Okta
- Configure settings in inSync GovCloud to use Okta as IdP
- Enable SSO for administrators on inSync Cloud
Configure the app for inSync GovCloud in Okta
- Login to the Okta console using the configured URL. (This is different for everyone. Mostly, the link looks like: https://company-configured-name.okta.com)
- Click Admin. The admin screen is displayed.
- Click Add Application > Create New App . The Create a New Application Integration window is displayed.
- Select the SAML 2.0 option, then click Create.
- Under the General Settings tab, enter a name for the new app in the App name field. For example - Druva inSync-GovCloud.
- Upload a logo for the app (Optional) and click Next.
- Under the Configure SAML tab, configure the settings as shown below:
Single sign on URL: https://govcloud.druva.com/wrsaml/consume
Audience URI (SP Entity ID): druva-govcloud
Default RelayState: <Leave blank>
Name ID format: Select EmailAddress from the drop-down
Application username: Select Email from the drop-down
- Under Attribute Statement, enter values as shown below:
Value: Copy the token from inSync-GovCloud the inSync Management Console} and paste it here. (See Generate SSO token)
- Click Next when asked Are you a customer or partner?, select I'm a software vendor. I'd like to integrate my app with Okta .
- Click Finish.
- Click on View Setup Instructions on the next screen and a new page opens.
- Copy the values for Identity Provider Single Sign-On URL and X.509 Certificate to a notepad and close the page. The copied values need to be used later in the procedure.
- Click the Assignments tab in the SSO application that you created and assign the People/Groups according to your requirements.
Configure settings in inSync-GovCloud to use Okta as IdP
- Open https://govcloud.druva.com/admin/
- Login using the admin credentials
- Click Settings > Single Sign-On tab.
- Click Edit under Single sign-on Configuration .
- Enter the values copied earlier to the notepad from Okta page as shown below:
Identity Provider Single Sign-On URL: <ID provider login URL>
X.509 Certificate: <ID provider certificate>
Enable SSO for administrators on inSync Cloud
- Login to the inSync Management Console and click Settings.
- Open the Single Sign-On tab and click Edit under inSync Configuration. The Single Sign-On Settings window is displayed.
- Select Enable single sign-on for administrators.
- Click Save .
The administrator who enables Single Sign-On for administrators becomes the Failover Administrator. A Failover Administrator can use both Single Sign-On and administrator credentials to access the inSync Management Console. This is useful to gain access to the console to resolve configuration issues.