Administer local Identity Providers
Concepts
Identity Providers provide:
- Identity federation between Access Gateway and Okta tenants/local identity providers.
- Services such as:
  - Authorization and authentication support.
  - Application data for identification and policy decisions.
Local Identity Providers can be used in the absence of an Okta org IDP, for example, because of a network outage.
Add a Local IDP
To add a local IDP:
- In your browser, navigate to the Access Gateway Admin UI and sign in.
- Select the Settings tab.
- Select Identity Providers.
- Click + and select Local SAML IDP.
- Enter the following fields:

| Field | Description | Example |
| --- | --- | --- |
| Name | Required. Unique name that identifies the IDP. Displayed in the list of IDPs. | My Local IDP |
| Host | Required. A unique Access Gateway hosted domain. Must not match any others. | idp.domain.tld |
| Cookie Domain | Required. A unique Access Gateway hosted domain name. This must not match existing Access Gateway domain names. | domain.tld |
| Default Auth Module | Required. A previously created auth module. | See Administer Auth Modules. |
| Name Attribute | Required. Attribute to be obtained from the remote Active Directory. | email |
| Name Attribute Format | Required. Defines the name format used in the SAML assertion. Select one of the values from the list. | Email address |

- Click Okay.
- After any creation or update, all Identity Providers are validated. A valid identity provider displays the status Valid.