
A customer asked us how to use Okta's SAML single-sign-on service with CompleteFTP.

1 Answer

Best answer

At the time of writing, Okta's IDP metadata doesn't include the identifier that CompleteFTP uses to differentiate between multiple IDPs. In order to work around this problem, it's necessary to manually edit the metadata to insert this identifier, called the 'entity ID'.

To do this, you must first obtain the entity ID from Okta. This is available on the page shown when you press the 'View Setup Instructions' button in the 'Sign On' tab of the admin page for your application on the Okta website. To make things even more difficult, there's a space missing, so that the entity ID runs together with the last word preceding it, i.e. "The Identity Provider Issuer isXYZ", where XYZ is the entity ID. Be careful to only copy the entity ID when you copy it to the clipboard.

Now download the metadata XML file and open it in a text editor. The second line begins:

<md:EntityDescriptor

Insert the following immediately after this:

entityID="XYZ"

where XYZ is the entity ID that you copied to the clipboard.

Once you've done this you can add it to CompleteFTP in the usual manner and it should work. Please contact our support team if it still doesn't work.
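The manual edit described in the answer above, scripted in Python as an added example (not part of the original answer, and not CompleteFTP or Okta code). The function name, the sample metadata and the issuer URL are constructed for illustration; beyond the steps in the answer, it trims stray whitespace from the copied value and refuses to overwrite an entityID that is already present.

```python
import re
import xml.etree.ElementTree as ET
from xml.sax.saxutils import quoteattr

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
# Opening tag of the root element, whatever prefix is used (md: in the file above).
_OPEN_TAG = re.compile(r"<(?:[\w.-]+:)?EntityDescriptor(?=[\s>])")

# Constructed sample: a cut-down metadata file with no entityID attribute.
SAMPLE = (
    '<?xml version="1.0" encoding="UTF-8"?>\n'
    '<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">\n'
    '  <md:IDPSSODescriptor '
    'protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>\n'
    '</md:EntityDescriptor>\n'
)

def add_entity_id(metadata_xml, entity_id):
    """Return metadata_xml with entityID set on the root EntityDescriptor."""
    entity_id = entity_id.strip()  # whitespace picked up while copying the issuer
    if not entity_id:
        raise ValueError("entity ID is empty")
    if "<!DOCTYPE" in metadata_xml:
        raise ValueError("refusing metadata that declares a DTD")
    root = ET.fromstring(metadata_xml)
    if root.tag != "{%s}EntityDescriptor" % MD_NS:
        raise ValueError("unexpected root element %s" % root.tag)
    existing = root.get("entityID")
    if existing is not None:
        if existing != entity_id:
            raise ValueError("metadata already names entityID %r" % existing)
        return metadata_xml  # already set to the expected issuer
    # Text-level insert: every other byte of the downloaded file stays as it was.
    patched, count = _OPEN_TAG.subn(
        lambda m: m.group(0) + " entityID=" + quoteattr(entity_id),
        metadata_xml, count=1)
    if count != 1:
        raise ValueError("EntityDescriptor opening tag not found")
    # Parse the result again so a malformed edit is caught before it is uploaded.
    if ET.fromstring(patched).get("entityID") != entity_id:
        raise ValueError("patched metadata did not parse back as expected")
    return patched

if __name__ == "__main__":
    # Constructed issuer value standing in for the XYZ copied from Okta.
    print(add_entity_id(SAMPLE, "http://idp.example/constructed-issuer"))
```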
