Administer local Identity Providers

Concepts

Identity Providers provide:

  • Identity federation between Access Gateway and Okta tenants/local identity providers.
  • Services such as:
    • Authorization and authentication support.
    • Application data for identification and policy decisions.

Local Identity Providers can be used in the absence of an Okta org IDP, for example, because of a network outage.

Add a Local IDP

To add a local IDP:

  1. In your browser, navigate to the Access Gateway Admin UI and sign in.
  2. Select the Settings tab.
  3. Select Identity Providers.
  4. Click + and select Local SAML IDP.
  5. Enter the following fields:

    | Field | Description | Example |
    | --- | --- | --- |
    | Name | Required. Unique name that identifies the IDP. Displayed in the list of IDPs. | My Local IDP |
    | Host | Required. A unique Access Gateway hosted domain. Must not match any others. | idp.domain.tld |
    | Cookie Domain | Required. A unique Access Gateway hosted domain name. This must not match existing Access Gateway domain names. | domain.tld |
    | Default Auth Module | Required. A previously created auth module. | See Administer Auth Modules. |
    | Name Attribute | Required. Attribute to be obtained from the remote Active Directory. | email |
    | Name Attribute Format | Required. Defines the name format used in the SAML assertion. Select one of the values from the list. | Email address |

  6. Click Okay.
  7. After any creation or update, all Identity Providers are validated. A valid identity provider displays the status Valid.