Step 2: Configure Okta application source in VMware Identity Manager

Prerequisites

This step configures VMware Identity Manager to send device posture information in the SAML response to Okta after the user is authenticated.

This is a one-time, initial configuration task.

You have configured VMware Identity Manager as an identity provider in Okta as described in Step 1: Configure VMware Identity Manager as an Identity Provider in Okta.

In the OKTA Application Source wizard Definition page, enter a description if needed, then click Next.
In the Configuration page:
1. For Configuration, select URL/XML.
2. In the URL/XML text box, copy and paste the SP metadata that you downloaded from Okta as described in Add an Identity Provider in Okta

If you plan to configure device trust for iOS and Android mobile devices, click Advanced Properties and set the following options to Yes.

These properties are mandatory for the device trust solution for iOS and Android devices.

Option	Description
Device SSO Response	Sends device posture information in the SAML response to Okta after the user is authenticated.
Enable Force Authn Request	Enable Force Authn request. The service provider can send the forceAuthn=true flag in the SAML request, which forces the user to be reauthenticated.
Enable Authentication Failure Notification	Receive SAML response error messages when authentication fails.

Authentication requests from Okta applications will be authenticated using this policy set.

Click Next, review your selections, and then click Save.
Click the OKTA Application Source again.
In the Configuration page, modify the Username Value to match the value that Okta is matching against, such as Okta Username.

After you configure the Okta application source, assign it to all users in VMware Identity Manager.

You have configured the Okta application source in VMware Identity Manager as described in Configure Okta application source in VMware Identity Manager.