Create an Access Gateway SAML proxy application

In this task, we create the header-based application, which proxies requests from the general internet to the SAML pass-through application.

Create the application in Access Gateway

  1. Sign in to the Access Gateway Admin UI console.
  2. Click the Applications tab.

  3. Click +Add.

  4. Select the Header Based option from the application menu, then click Create.

  5. Enter the following in the Essentials section:

    | Field | Value |
    | --- | --- |
    | Label | A name for the application. For example, SAML Pass through application. |
    | Public Domain | A fully qualified host name. In this example, external-saml<.domain.tld>. This is the external (public-facing) URL for the SAML application. Often the same as the Protected Web Resource. |
    | Protected Web Resource | The URL of the protected resource: the IP address of the SAML pass-through application, or its internal DNS name. In this example, SAMLtest.example.com. |
    | Group | The group containing the users who should have access to the application. |
    | Description | Optional. An appropriate description for your application. |
  6. Select the Settings tab.
  7. Expand the Certificates pane.

    By default, when you create the application the system generates a self-signed wildcard certificate and assigns it to the app.

  8. Optional. Click Generate self-signed certificate. This creates a self-signed certificate and assigns it to the app.
  9. Optional. Select an existing certificate from the list of available certificates. Use the Search field to narrow the set of certificates by common name. Use the page forward and backward arrows to browse the list of available certificates.
  10. Click Next.
  11. On the row containing the oag username attribute, click the Delete icon. This attribute is not required.
  12. Click Yes to confirm the deletion.
  13. Click Next.
  14. Click Done.

Next steps

Add an Okta bookmark application