Return to the VMware Identity Manager console to complete creating the new third-party identity provider.

Procedure

  1. In the new identity provider page, enter the following information.
    Option: Description

    Identity Provider Name: Enter a name for the new identity provider, such as Okta SAML IdP.

    identityProvider.idpForm.saml: Select HTTP Post.
      Note: This field appears after you enter the metadata URL in the SAML Metadata section and click Process IdP Metadata.

    SAML Metadata:
      1. In the Identity Provider Metadata text box, enter the metadata URL copied from Okta. For example:

         https://yourOktaTenant/app/appId/sso/saml/metadata

      2. Click Process IdP Metadata.
      3. In the Name ID format mapping from SAML Response section, click the + icon, then select the following values:

         Name ID Format: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified

         Name ID Value: userPrincipalName

         Note: Select the User Attribute that the application username value defined in Okta will match.

    Users: Select the directories you want to authenticate using this identity provider.

    Network: Select the networks that can access this identity provider.

    Authentication Methods: Enter the following:

      Authentication Methods: Enter a name for the Okta authentication method, such as Okta Auth Method.

      SAML Context: urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport


  2. Click Add.
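
To confirm that Okta sends what this procedure configures, the following added example (not part of the VMware documentation) checks a base64-decoded SAML response against the Name ID Format and SAML Context values entered above. The sample response, the function name check_response, and the assumption that a userPrincipalName has the form user@domain are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}
# Values configured in the procedure above.
EXPECTED_NAMEID_FORMAT = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
EXPECTED_CONTEXT = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"

# Constructed sample: a trimmed, unsigned response with made-up values.
SAMPLE_RESPONSE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Assertion>
    <saml:Subject>
      <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">jdoe@example.com</saml:NameID>
    </saml:Subject>
    <saml:AuthnStatement><saml:AuthnContext>
      <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef>
    </saml:AuthnContext></saml:AuthnStatement>
  </saml:Assertion>
</samlp:Response>"""


def check_response(xml_text):
    """Return a list of mismatches between a decoded SAML response and the
    Name ID format / SAML Context configured above. Does not verify signatures."""
    root = ET.fromstring(xml_text)
    problems = []
    name_id = root.find("./saml:Assertion/saml:Subject/saml:NameID", NS)
    if name_id is None:
        problems.append("no NameID in assertion")
    else:
        fmt = name_id.get("Format")
        if fmt != EXPECTED_NAMEID_FORMAT:
            problems.append(f"NameID Format is {fmt!r}")
        value = (name_id.text or "").strip()
        # Assumption: userPrincipalName values have the form user@domain.
        if value.count("@") != 1 or value.startswith("@") or value.endswith("@"):
            problems.append(f"NameID value {value!r} is not UPN-shaped")
    refs = [r.text.strip() for r in root.iterfind(".//saml:AuthnContextClassRef", NS) if r.text]
    if EXPECTED_CONTEXT not in refs:
        problems.append(f"AuthnContextClassRef is {refs!r}")
    return problems


if __name__ == "__main__":
    print(check_response(SAMPLE_RESPONSE) or "response matches the configured values")
```

An empty list means the response carries the Name ID format, UPN-shaped value, and authentication context that the identity provider entry expects; any entry names the field to correct on the Okta side or in this form.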