Configure the PeopleSoft application

During this task we will create the Oracle PeopleSoft application in Access Gateway.

Tasks

Add the application

  1. Sign in to the Access Gateway Admin UI console.
  2. Click the Applications tab.

  3. Click +Add to add a new application.

  4. Select Oracle PeopleSoft from the left column menu, and upper right-click Create.

Configure the application

  1. In the Essentials pane enter:
    FieldValue
    LabelThe name of the application, as shown in your Okta tenant.
    For example:PeopleSoft SSO.
    Public DomainThe customer facing URL of the PeopleSoft application.
    For example: https://ps-external.example.com
    Info

    Note

    <gateway.info> must match the PeopleSoft domain, which is in the Protected Web Resource section as domain.tld.

    Protected Web ResourceThe URL and port combination of the Oracle PeopleSoft Implementation being protected.
    For example: http://ps-internal.example.com:8000
    See also Configure load balancing.
    Post Login URLBrowseable route-through location to pick up the required cookie from Okta Access Gateway and pass along to the Oracle PeopleSoft implementation.
    For example https://ps-external.example.com/psp/ps/.
    Note that the post login URL is automatically populated and can contain other elements specific to the implementation.
    GroupThe group containing users who can access the PeopleSoft instance.
  2. Expand Advanced section and click enable Content Rewrite.

Configure load balancing

Available since Access Gateway version 2022.2.3

Important Note

Important

Okta recommends that whenever possible load balancers and Access Gateway as a load balancer be implemented.
See About Access Gateway load balancing.

  1. Expand the Protected Web Resources tab.
  2. In Protected Web Resource tab enable load balancing.
    The Protected Web Resource showing load balancing enabled for this web resource.
    The Protected Web Resource tab will then expand to include a table of hostnames and weights representing the target load balancing instances, initially empty.
  3. Select a URL scheme. All added protected web resources will inherit this scheme. HTTP and HTTPS schemes are supported.
  4. [Optional] Enable and specify Host Header value.
  5. Repeat as required:
    1. Click Add protected web resource.
      A new empty row will be added to the table.
    2. Enter a fully qualified hostname:port combination.
      For example https://backendserver1.atko.com:7001.
    3. Enter a weight between 1 and 100. Enter 0 to specify a disabled host.
      Important Note

      Weights represent the percentage of requests that will be routed to this host.
      For example, two hosts of weights 2:1 would result in requests being routed ~66% to the host weighted 2 and ~33% to the host weighted 1.

    4. Click Okay to add the new host, or Cancel to cancel.
      Click edit () to modify an existing host.
      Click delete() to delete an existing host.
  6. Optional Configure health checks:
    Health checks are optional and use GET operations to confirm back and resources are functional.
    Resources deemed unhealthy are not routed new requests.

    1. Enable health checks.
      The health check slider shown in the enabled position.
    2. Click Edit to modify health check settings.
    3. Modify settings as required.
      FieldValue

      Default

      PathURI to resource used in health check./
      MethodHTTP method used.Always GET
      Status codeHTTP status code used to determine health.200
      IntervalInterval between health checks in seconds.10
      Request timeoutHealth check request timeout in seconds.1
      Healthy thresholdNumber of successful requests before a host is considered healthy.3
      Unhealthy thresholdNumber of failed requests before a host is considered unhealthy.3
    4. Click Save to save changes.
      Click Cancel to cancel changes.

Configure certificates

    Important Note

    Important

    While optional, Okta recommends that all applications include certificates.
    See About Access Gateway certificate use for general information about certificate.
    See Certificate management tasks for a general task flow for obtaining and assigning certificates.  

  1. Expand the Certificates tab.
    Note

    Note

    By default a wildcard self signed certificate is created and assigned to the application when the application is initially created.

  2. Optional. Click Generate self-signed certificate

    A self-signed certificate is created and automatically assigned to the application.
  3. Optional. Select an existing certificate from the list of provided certificates.
    Use the Search field to narrow the set of certificates by common name.
    Use the page forward (>)and backward(<) arrows to navigate through the list of available certificates.

  4. Click Next. The Attributes pane appears. See Application attributes.
    Note

    Note

    The required attributes are pre-populated, and are presented for reference.

  5. Verify the login attribute:
    Data SourceFieldTypeName
    IDP

    login

    Info

    Note

    The attribute in your Okta tenant that stores the PeopleSoft username. This can be a different attribute or can use Okta username mapping to create the PeopleSoft username dynamically.

    HeaderPSUSER
  6. Click Done.

The application is added and the Application list page is displayed.