Add a sample header application
The purpose of this tutorial is to walk through the process of setting up a sample header application through the Access Gateway Admin UI console.
- Access Gateway is installed and configured for use.
See Manage Access Gateway deployment.
- Access Gateway has been configured to use your Okta tenant as IDP.
See Configure your Okta tenant as an Identity Provider for more information about configuring your Okta tenant as an IDP.
- You have administrator rights on your Okta tenant and can assign applications to users and create groups.
Appropriate DNS entries exist for the application.
- Sign in to the Access Gateway Admin UI console.
Click the Applications tab.
Click +Add to add a new application.
Select the Access Gateway Sample Header App option from the left column menu, and click Create.
The New Protected Application wizard will start and display the Setting tab for the application being added.
Review the Settings tab then click Next.
The Settings page provides options with which to further configure the application.
See About application settings for more information on the application settings.
The Attributes page provides a list of attributes that are passed into the application. This page also provides the ability to add, edit, or remove any attribute.
SeeApplication attributes for more information on the attribute options.
In a new tab, navigate to your Okta org and sign in as an administrator.
In the Admin Console, go to Directory >Profile Editor.
- In the Actions column, click Profile.
- Click + Add Attribute to add a custom attribute used to send header information through the Sample Header Application.
- Enter a Display name and an appropriate Variable name. For example, the display name can be , for example, Gender and the variable can be gender. Click Save.
- In the Admin Console, go to Directory > People.
- Select your account under the Person & Username column.
- Click the Profile tab, and click Edit.
- Go to the new attribute, in this example Gender, and enter a corresponding value.
- Click Save.
Return to the Access Gateway Admin UI console.
Select the new application and click the Edit icon.
In the Attributes section, click the +.
The Add new Attribute window opens after the list of existing attributes.
In the Name field, enter manager and in the Value field, select the attribute type as manager.
In the Value menu, enter the name of the attribute you want to add, and click the new attribute in the drop-down menu.
- Click Next.
- Click Done.
- Confirm that the sample header app is displayed as Active in the Protected Applications list.
- Click Goto application.
Ensure that the Public Domain defined in the Configure the Header Application Settings is added to local host file or DNS Server pointing to the VM running Access Gateway. For example:
<ip address> <app public domain> xxx.xxx.xxx.xxx header.gateway.info
Access Gateway inserts the cookie header into the request before it is sent to the back-end web application.
Click Goto application and select IDP Initiated to verify that the application is working.
Your Okta tenant administrator will need to assign the header application to you.
- On the application page, review and verify that the sample header app sent to Okta matches your profile information.
- See Access Gateway supported application and version information for details of supported application and version information.
- See Add a generic header application.
- See Add a sample header application.
- See Add a sample policy application.
- See Troubleshoot applications.
- Add or review application essential settings. See About application essentials and Manage application essentials.
- Add application behaviors. See About application behaviors.
- Add fine grained policy to further protect resources. See About application policy and Manage application policy for an overview on user policy and for examples respectively.
- Extend existing policy using custom configuration. See Advanced Access Gateway policy.
- Associate a certificate with this application. See Manage certificates.
- Add supplemental database or LDAP based data stores. See Administer data stores.