
Okta Integration

This article describes the process of integrating Arnica with Okta SSO.


Last updated 11 months ago


Okta integration instructions

By integrating Arnica with Okta single sign-on (SSO), you can ensure that all users authenticating with Arnica do so through your organization-managed Okta provisioning and de-provisioning. The setup requires steps in both Arnica and Okta, detailed below.

Get organization identified in Arnica

  1. Sign in to Arnica (https://app.arnica.io/) and click on your avatar.

  2. Select Edit Account.

  3. Copy the Organization ID (we will call it YOUR_ARNICA_ORGANIZATION_ID in the next steps in this guide).

Add app integration in Okta

The following steps must be completed by an Okta administrator:

Go to the following URL: https://{YOUR_OKTA_ADMIN_DOMAIN}.okta.com/admin/apps/active. For example: https://company-admin.okta.com/admin/apps/active. This page will result in a 404 error if you do not have permissions.

  1. Click the Create App Integration button.

  2. In the dialog that opens, select SAML 2.0.

  3. In General Settings, set the following:

      App name: Arnica

      App logo: you can download the logo from here and upload it to Okta

  4. In Configure SAML -> A: SAML Settings

    1. In General

      A. Single sign-on URL: enter https://arnica-prod.us.auth0.com/login/callback?connection={YOUR_ARNICA_ORGANIZATION_ID}

      B. Audience URI (SP Entity ID): enter urn:auth0:arnica-prod:{YOUR_ARNICA_ORGANIZATION_ID}

      C. Leave the other fields with their default value.

    2. In “Attribute Statements”: add the following mappings (these statements are case sensitive)

      | Name           | Name format | Value          |
      |----------------|-------------|----------------|
      | email          | Unspecified | user.email     |
      | given_name     | Unspecified | user.firstName |
      | family_name    | Unspecified | user.lastName  |
      | email_verified | Unspecified | true           |

    3. In “Group Attribute Statements”: add the following mapping:

      | Name   | Name format | Filter               |
      |--------|-------------|----------------------|
      | groups | Unspecified | Starts with: arnica- |

      ⚠️ IMPORTANT: The filter must match the directory groups, i.e. for the above it will send only groups that start with arnica- (case sensitive)

    4. Click Next (though the section title says “Optional”, this step is required for Arnica integration)

    5. In Feedback

      A. Are you a customer or partner? Mark “I'm an Okta customer adding an internal app”

      B. Leave other fields empty and click Finish

  5. Under Sign On -> Settings -> Sign on methods -> SAML 2.0, click on More details

    1. Copy the Sign on URL

    2. Download the Signing Certificate

Send the following information to support@arnica.io:

    1. Subject: SSO Onboarding Request

    2. Email domain: the domain for which you would like to set up SSO, e.g., yourcompany.com

    3. Arnica Organization ID: your Arnica Organization ID obtained earlier.

    4. Sign on URL: the Sign on URL from the step above.

    5. Attach the Signing Certificate from the step above.

    6. Leave a contact phone number and available times for Arnica’s customer success to help with the onboarding process.

    7. We are typically fast at responding to these requests, but please allow up to 1-2 business days to get confirmation.
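
To confirm the mappings before sending the onboarding request, the following added example (not part of Arnica's documentation) lints a captured SAML assertion against the values in this guide: the case-sensitive attribute names, the arnica- group prefix, the Audience URI and the single sign-on URL. The function names, the org_EXAMPLE style IDs and the sample attribute values are constructed for illustration, and the check does not verify the assertion's signature.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
ACS = "https://arnica-prod.us.auth0.com/login/callback?connection={org}"  # from this guide
AUD = "urn:auth0:arnica-prod:{org}"  # from this guide
REQUIRED = ("email", "given_name", "family_name", "email_verified")

def check_assertion(xml_text, org_id, prefix="arnica-"):
    """Return mapping problems; [] means it matches the guide. Does not verify signatures."""
    root, problems, attrs = ET.fromstring(xml_text), [], {}
    for a in root.iterfind(".//saml:Attribute", NS):
        vals = [(v.text or "").strip() for v in a.iterfind("saml:AttributeValue", NS)]
        attrs.setdefault(a.get("Name", ""), []).extend(vals)
    for name in REQUIRED:
        if name not in attrs:  # case sensitive: "Email" does not satisfy "email"
            near = [n for n in attrs if n.lower() == name]
            problems.append(f"missing {name}" + (f" (found {near[0]})" if near else ""))
    if attrs.get("email_verified", ["true"]) != ["true"]:
        problems.append("email_verified is not true")
    groups = attrs.get("groups", [])
    if not groups:
        problems.append("no groups sent")
    problems += [f"group {g} lacks prefix {prefix}" for g in groups if not g.startswith(prefix)]
    aud = [(e.text or "").strip() for e in root.iterfind(".//saml:Audience", NS)]
    if aud != [AUD.format(org=org_id)]:
        problems.append("audience mismatch")
    rcp = [e.get("Recipient") for e in root.iterfind(".//saml:SubjectConfirmationData", NS)]
    if rcp != [ACS.format(org=org_id)]:
        problems.append("recipient mismatch")
    return problems

def sample_assertion(org_id, attrs):
    """Build a constructed, unsigned assertion (demo input only)."""
    q = lambda tag: f"{{{NS['saml']}}}{tag}"
    root = ET.Element(q("Assertion"))
    conf = ET.SubElement(ET.SubElement(root, q("Subject")), q("SubjectConfirmation"))
    ET.SubElement(conf, q("SubjectConfirmationData"), Recipient=ACS.format(org=org_id))
    restr = ET.SubElement(ET.SubElement(root, q("Conditions")), q("AudienceRestriction"))
    ET.SubElement(restr, q("Audience")).text = AUD.format(org=org_id)
    stmt = ET.SubElement(root, q("AttributeStatement"))
    for name, values in attrs.items():
        attr = ET.SubElement(stmt, q("Attribute"), Name=name)
        for v in values:
            ET.SubElement(attr, q("AttributeValue")).text = v
    return ET.tostring(root, encoding="unicode")

GOOD = {"email": ["dev@example.com"], "given_name": ["Dev"], "family_name": ["User"],
        "email_verified": ["true"], "groups": ["arnica-admins"]}  # constructed values
BAD = {"Email": ["dev@example.com"], "given_name": ["Dev"], "family_name": ["User"],
       "email_verified": ["true"], "groups": ["arnica-admins", "Everyone"]}  # constructed
```

Calling check_assertion(sample_assertion("org_EXAMPLE", BAD), "org_EXAMPLE") reports the mis-cased email attribute and the group that a filter broader than "Starts with: arnica-" would leak into the assertion.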