Add a sample header application
The purpose of this tutorial is to walk through the process of setting up a sample header application through the Access Gateway Admin Console.
- Access Gateway is installed and configured for use.
See Manage Access Gateway deployment.
- Access Gateway has been configured to use your Okta tenant as IDP.
See Configure your Okta tenant as Identity Provider for more information about configuring your Okta tenant as an IDP.
- You have administrator rights on your Okta tenant and can assign applications to users, and create groups.
Appropriate DNS entries exist for the application.
Navigate to your Access Gateway instance and sign in as admin.
Access Gateway creates a default self-signed certificate. For non-production deployments, this will be appropriate. Proceed past any security exceptions raised by your browser. For production deployments, a valid certificate can be installed and these exceptions will not be needed.
- Click the Applications tab
- Click + Add to add a new application.
Select the Access Gateway Sample Header App option from the left column menu, and click Create.
The New Protected Application wizard will start and display the Setting tab for the application being added.
Review the Settings tab then click Next.
The Settings page provides options with which to further configure the application.
For more information on the application setting , see About application settings.
The Attributes page provides a list of attributes that will be passed into the application. This page also provides the ability to add, edit, or remove any attribute.
For more information on the attribute options, seeApplication attributes.
In a new tab, Navigate to your Okta Org and sign in as an Administrator.
Click Directory > Profile Editor.
- Click Profile in the Actions column.
- Click + Add Attribute to add a custom attribute that will be used to send header information through the Sample Header Application.
- Enter a Display name, for example Gender ,and an appropriate Variable name, again for example gender. Click Save.
- Click Directory > People.
- Select your account under the Person & Username column.
- Click the Profile tab, and click Edit.
- Scroll down to the new attribute, in this example Gender, and enter a corresponding value.
- Click Save.
Return to the Access Gateway Admin Console.
Select the new application and click the pencil icon.
In the Attributes section, click the +.
Scroll down to the Add new Session Attribute window.
In the Name field, enter manager, and select the manager attribute type in the Value field.
In the Value menu, type in the name of the attribute you want to add, and then click the new attribute in the dropdown menu.
- Click Next.
- Click Done.
- Confirm that the Sample Header App is displayed as Active in the Protected Applications list.
- Click the Goto App icon.
Ensure that the Public Domain defined in the Configure the Header Application Settings is added to local host file or DNS Server pointing to the VM running Access Gateway. For example:
<ip address> <app public domain> xxx.xxx.xxx.xxx header.gateway.info
Access Gateway inserts the cookie header into the request before it is sent to the back-end web application.
Select IDP Initiated from the drop down menu to verify the application is working.
Your Okta tenant administrator will need to assign the header application to you.
- In the application page, review and verify that the Sample Header App sent to Okta matches your profile information.
- For information about the generic header application please see Add a generic header application.
- For information about the sample header application please see Add a sample header application.
- For information on the sample policy application please see Add a sample policy application.
- Add or review application essential settings. For more details see About application essentials and Manage application essentials.
- Add application behaviors. For details and examples of behaviors see About application behaviors.
- Add fine grained policy to further protect resources. An overview of user policy can be found in About application policy.
For details and examples of policy see Manage application policy .
- Extend existing policy using Custom configuration, see Advanced Access Gateway Policy.
- Define one or more certificates for use with this application. See Configure certificates.
- Add supplemental database or LDAP based data stores. For more information see Administer data stores.