Configure the PeopleSoft application
During this task we will create the Oracle PeopleSoft application in Access Gateway.
- Add the application
- Configure the application
- [Optional] Configure load balancing
- [Optional] Configure certificates
Add the application
- Sign in to the Access Gateway Admin UI console.
Click the Applications tab.
- Select Oracle PeopleSoft from the left column menu, and upper right-click Create.
Configure the application
In the Essentials pane enter:
Field Value Label
The name of the application, as shown in your Okta tenant.
For example: PeopleSoft SSO.
The customer facing URL of the PeopleSoft application.
For example: https://ps-external.example.com
<gateway.info> must match the PeopleSoft domain, which is in the Protected Web Resource section as domain.tld.
Protected Web Resource
The URL and port combination of the Oracle PeopleSoft Implementation being protected.
For example: http://ps-internal.example.com:8000 See Configure load balancing.
Post Login URL
Browseable route-through location to pick up the required cookie from Okta Access Gateway and pass along to the Oracle PeopleSoft implementation.
For example https://ps-external.example.com/psp/ps/.
Note that the post login URL is automatically populated and can contain other elements specific to the implementation.
Group The group containing users who can access the PeopleSoft instance.
- Expand Advanced section and click enable Content Rewrite.
Configure load balancing
Available since Access Gateway version 2022.2.3
Okta recommends that whenever possible load balancers and Access Gateway as a load balancer be implemented.
See Load balancing.
- Expand the Protected Web Resource tab.
- Enable Load Balancing By Access Gateway.
A table of hostnames and weights representing the target load balancing instances appears. This table is initially empty. Click edit to modify an entry in the table, or click delete to delete an entry.
- Choose either HTTP or HTTPS as the URL scheme. Each protected web resource that you add inherits this scheme.
- Optional. Enable and specify Host Header value.
- Complete the following steps to add a host, repeat as required:
- Click Add protected web resource.
- Enter a fully qualified hostname:port combination (for example, https://backendserver1.atko.com:7001).
- Enter a weight from 1 to 100. Enter 0 to specify that a host is disabled.
Weights represent the percentage of requests that will be routed to this host.
For example, two hosts of weights 2:1 would result in requests being routed ~66% to the host weighted 2 and ~33% to the host weighted 1.
- Click Okay.
Optional. Configure health checks, which use GET operations to confirm that back-end resources are functional.
New requests aren't routed to resources that have been labeled unhealthy by the health checks.
- Enable Load Balancer Health Check.
- Click Edit to modify health check settings.
- Modify settings as required.
Path URI to resource used in health check. / Method HTTP method used. Always GET Status code HTTP status code used to determine health. 200 Interval Interval between health checks in seconds. 10 Request timeout Health check request timeout in seconds. 1 Healthy threshold Number of successful requests before a host is considered healthy. 3 Unhealthy threshold Number of failed requests before a host is considered unhealthy. 3
- Click Save to save changes or click Cancel to exit without saving.
- Expand the Certificates tab.
By default, when you create the application the system generates a self-signed wildcard certificate and assigns it to the app.
- Optional. Click Generate self-signed certificate. A self-signed certificate is created and automatically assigned to the application.
- Optional. Select an existing certificate from the list of provided certificates.
Use the Search field to narrow the set of certificates by common name. Use the page forward (>) and backward (<) arrows to navigate through the list of available certificates.
- Click Next. The Attributes pane appears. See Application attributes.
The required attributes are pre-populated, and are presented for reference.
- Verify the login attribute:
Data Source Field Type Name IDP
The attribute in your Okta tenant that stores the PeopleSoft username. This can be a different attribute or can use Okta username mapping to create the PeopleSoft username dynamically.
- Click Done.
While optional, Okta recommends that all applications include certificates.
See Certificate use for general information about certificate, or Certificate management for a general task flow for obtaining and assigning certificates.
The application is added and the Application list page is displayed.