To use Okta Active Directory (AD) with Avaya Experience Platform™ (On-Prem + Connect), create an SSO Security Assertion Markup Language (SAML) application on Okta AD.
Before you begin
Ensure that you have Okta AD configuration access on the Okta portal.
Ensure that you configure an account on Application Center Administration.
Procedure
Log in to the Okta portal with your account credentials.
In the navigation tree, click Applications > Applications.
Click Create App Integration.
On the Create a new app integration screen, select SAML 2.0.
Click Next.
On the General Settings screen, type the application name in the App name field.
Click Next.
On the Configure SAML screen, enter values in the following fields of the SAML Settings section:
Single sign-on URL: https://<axp admin cluster fqdn>/auth/realms/<tenantID>/broker/<application-name>/endpoint
Copy the Redirect URI of Keycloak from the SAML v2.0 provider page of Keycloak and paste it into this field. Replace the <tenantID> and <application-name> placeholders with your Tenant ID and Okta App Name. For example, Tenant ID is GEEOZI, and Okta App Name is AuthUsingOkta.
Audience URI (SP Entity ID): https://<axp admin cluster fqdn>/auth/realms/<tenantID>/broker/<application-name>/endpoint
Copy the Redirect URI of Keycloak from the SAML v2.0 provider page of Keycloak and paste it into this field. Replace the <tenantID> and <application-name> placeholders with your Tenant ID and Okta App Name. For example, Tenant ID is GEEOZI, and Okta App Name is AuthUsingOkta.
Default RelayState: Do not set any value
Name ID format: Transient
Application username: Email
In the Attribute Statements (optional) section, enter values in the following fields:
Name: email
Name format: Unspecified
Value: user.email
Click Next.
On the Feedback screen, choose the relevant option.
Click Finish.
You can now view the application on the Applications page.
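The check below is an added example, not part of the Avaya or Okta documentation: it validates a set of values against the settings listed in this procedure before you enter them in Okta. The host name axp-admin.example.com and the dictionary key names are assumptions made for the example; the Tenant ID and Okta App Name are the ones from the example in the procedure.

```python
import re
from urllib.parse import urlsplit

# Path layout the page gives for the Single sign-on URL and the Audience URI.
BROKER_PATH = re.compile(r"^/auth/realms/([^/]+)/broker/([^/]+)/endpoint$")
# Fixed values from the SAML Settings and Attribute Statements steps.
# The dictionary key names are assumptions made for this example.
EXPECTED = {"default_relay_state": "", "name_id_format": "Transient",
            "application_username": "Email", "attribute_name": "email",
            "attribute_name_format": "Unspecified", "attribute_value": "user.email"}

def check_broker_url(url, tenant_id, app_name):
    """Return a list of problems found in a Keycloak broker endpoint URL."""
    if "<" in url or ">" in url:
        return ["placeholder not replaced"]
    parts, problems = urlsplit(url), []
    if parts.scheme != "https":
        problems.append("scheme is not https")
    if not parts.hostname:
        problems.append("missing host name")
    if parts.query or parts.fragment:
        problems.append("unexpected query or fragment")
    match = BROKER_PATH.match(parts.path)
    if not match:
        problems.append("path does not match the broker endpoint layout")
    else:
        if match.group(1) != tenant_id:
            problems.append("tenant ID mismatch")
        if match.group(2) != app_name:
            problems.append("application name mismatch")
    return problems

def check_settings(settings, tenant_id, app_name):
    """Check every value from the Configure SAML screen; an empty list means OK."""
    problems = []
    for field in ("sso_url", "audience_uri"):
        found = check_broker_url(settings.get(field, ""), tenant_id, app_name)
        problems += [f"{field}: {p}" for p in found]
    for key, want in EXPECTED.items():
        got = settings.get(key, "")
        if got != want:
            problems.append(f"{key}: expected {want!r}, got {got!r}")
    return problems

# Constructed sample: host name is a placeholder; IDs are the page's example.
URL = "https://axp-admin.example.com/auth/realms/GEEOZI/broker/AuthUsingOkta/endpoint"
SAMPLE = dict(EXPECTED, sso_url=URL, audience_uri=URL)

if __name__ == "__main__":
    print(check_settings(SAMPLE, "GEEOZI", "AuthUsingOkta") or "settings match the procedure")
```

The tenant ID comparison is case-sensitive, so a realm typed as geeozi is reported as a mismatch.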