This topic tells you how an administrator can test the connection between Single Sign‑On for VMware Tanzu Application Service and Okta services. An administrator can test both service provider and identity provider connections.
You can test your identity provider integration by deploying the Pivotal Single Sign-On Service Sample Applications.
Log in to Apps Manager at
https://apps.SYSTEM-DOMAIN and navigate to the org and space where your application is located.
Under Services, locate the service instance of the Single Sign‑On plan bound to your app and click Manage.
Under the Apps tab, click your app.
Under Identity Providers, select the Okta identity provider.
Return to Apps Manager and click on the URL below your app to be redirected to the identity provider to authenticate.
Click the link.
On the identity provider sign-in page, enter your credentials and click Sign In.
The app asks for authorization to the necessary scopes. Click Authorize.
The access token and ID token displays.
Note: Single Sign‑On does not support identity provider-initiated flow into apps, but it does redirect the user to the User Account and Authentication (UAA) page to select apps assigned to the user.
Sign in to Okta.
Navigate to the app tile and click it.
You are redirected to the page that lists apps you have access to.
Test single sign-off to ensure that when users log out of the app, they are logged out of Okta as well.
Under What do you want to do?, click Log out.
You are logged out and redirected to the Okta login page.