Add SharePoint application
- Verify that Access Gateway is installed and configured. See Manage Access Gateway deployment.
- Verify that Access Gateway uses your Okta org as an Identity Provider (IdP). See Configure an Identity Provider in Access Gateway.
- Verify that you have administrator rights on your Okta org and can create groups and assign applications.
- Window server configured with IIS application and Active Directory Services running as a Domain Controller and implementing Kerberos (IWA) SSO.
Note this is an example architecture. It would be unusual in large production environments to have an application server (IIS), also be a DC.
- Access Gateway DNS must be served by the Windows DNS server.
- Confirm that the external app version is supported. Supported Kerberos app versions include:
- Microsoft IIS IWA: IIS 7 or later
- Microsoft OWA IWA: IIS 7 or later
|Review and document existing architecture||
Review existing architecture, determine ports, configuration, zones, and whether Kerberos is enabled.
Configure a SharePoint specific SPN and enable Kerberos as required.
|Configure SharePoint as Kerberos||Configure SharePoint support for Kerberos.|
|Configure SharePoint as IIS IWA application||Run Microsoft SharePoint IWA wizard and configure SharePoint as an IIS IWA application.|
|Configure SharePoint to work with a reverse proxy||Configure SharePoint to work with Access Gateway as a reverse proxy.|
|Test||Test the SharePoint integration.|