Okta Single Sign-On Provider for SharePoint On-Premises

SharePoint 2016, 2013, or 2010

You must add a trusted origin to the Okta application you use with your SharePoint instance:

- Log in to your Okta Developer account.
- Click Admin.
- Click Security, and then, in the drop-down menu, select API.
- Click the Trusted Origins tab.
- In the Trusted Origins tab, click Add Origin.
- In the Add Origin panel that appears:
  - Under Name, enter a name.
    Example: Coveo Enterprise Search RedirectURI
  - Under Origin URL, enter https://localhost.
  - Select the Redirect checkbox.
  - Click Save.
Retrieve your application parameters

Before you create a SharePoint security provider and source, you must retrieve two application parameters from Okta, as these parameters are required in the security provider and source configuration (see Creating a SharePoint Security Provider and Configuring and Indexing a Microsoft SharePoint Source).

- Log in to your Okta Developer account.
- Click Admin.
- Click Applications, and then, in the drop-down menu, select Applications.
- Click the SharePoint (On-Premise) application linked to the SharePoint instance you want to make searchable.
- Click Sign On.
- Under Settings > Sign On Methods, click View Setup Instructions.
- In the new page that appears, under Setup a new authentication provider > Create the Okta Trusted Token issuer using PowerShell Script, take note of the $realm and $signInURL values, which should respectively be formatted as follows:
  Example:
  - urn:okta:sharepoint:myid
  - https://YOURINSTANCE.OKTA_OR_OKTAPREVIEW.com/app/sharepoint_onpremise/sso/wsfed/passive

These values are required when creating your SharePoint security provider and SharePoint source (see Creating a SharePoint Security Provider and Configuring and Indexing a Microsoft SharePoint Source).
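As an added check that is not part of the Coveo or Okta documentation, the following Python snippet validates that the two values you copied have the shapes shown above (realm prefix, https scheme, an okta.com or oktapreview.com tenant host, and the WS-Fed passive endpoint path) before you paste them into the security provider and source configuration. The function name and the sample values are assumptions made for this example.

```python
import re
from urllib.parse import urlparse

# Expected shapes, taken from the $realm and $signInURL formats shown on this page.
REALM_RE = re.compile(r"^urn:okta:sharepoint:[A-Za-z0-9._-]+$")
# YOURINSTANCE.OKTA_OR_OKTAPREVIEW.com means <tenant>.okta.com or <tenant>.oktapreview.com.
OKTA_HOST_RE = re.compile(r"^[a-z0-9-]+\.(okta|oktapreview)\.com$")
SIGNIN_PATH = "/app/sharepoint_onpremise/sso/wsfed/passive"


def check_okta_params(realm: str, sign_in_url: str) -> dict:
    """Return a dict of problems keyed by field; an empty dict means both values look right."""
    problems = {}

    if not REALM_RE.match(realm):
        problems["realm"] = "expected urn:okta:sharepoint:<id>"

    u = urlparse(sign_in_url)
    if u.scheme != "https":
        # A plain-http sign-in URL would send the WS-Fed exchange in clear text.
        problems["scheme"] = "sign-in URL must use https"
    if not OKTA_HOST_RE.match(u.netloc.lower()):
        # Catches typos and look-alike hosts such as okta.com.example.net.
        problems["host"] = "host is not a <tenant>.okta.com or <tenant>.oktapreview.com tenant"
    if u.path != SIGNIN_PATH:
        problems["path"] = f"expected path {SIGNIN_PATH}"
    if u.query or u.fragment:
        problems["extra"] = "unexpected query string or fragment in sign-in URL"

    return problems


if __name__ == "__main__":
    # Constructed sample values in the formats this page describes.
    print(check_okta_params(
        "urn:okta:sharepoint:myid",
        "https://acme.oktapreview.com/app/sharepoint_onpremise/sso/wsfed/passive",
    ))
```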
What's Next?
Create a SharePoint security provider (see Creating a SharePoint Security Provider).