Home
Vantage
Administrator Guide
Information about the Administration section of Vantage, and the tasks that you can do in this part of the software.
SAML integration
Configure an Okta enterprise application
You can integrate Okta with Vantage. To do this you must create an enterprise application in Okta and assign users to it.

Vantage
- Introduction
  An overview of Vantage.
- Administrator Guide
  Information about the Administration section of Vantage, and the tasks that you can do in this part of the software.
  - Administration
  - Migration
  - SAML integration
    - SAML integration configuration
      It is important to understand how Vantage uses security assertion markup language (SAML) single sign-on (SSO) for authentication.
    - IdP configuration for SAML integration
      It is important to understand the different parameters that are needed to configure your identity provider (IdP) for security assertion markup language (SAML) integration in Vantage.
    - Configure your IdP for SAML integration
      Before you configure Vantage's settings for single sign-on (SSO), you need to define a new application in your identity provider (IdP).
    - Configure Vantage for SSO
      Before you can use single sign-on authentication in Vantage, you must configure Vantage.
    - Troubleshooting SAML integration
      Methods that you can use to test that the security assertion markup language (SAML) integration has been successful.
    - Configure a Google Workspace SAML application
      You can integrate Google Workspace with Vantage to provide single sign-on (SSO) services. You should also refer to the Google Workspace documentation for more details on their solution. This topic describes Vantage-specific configuration details when using Google Workspace as your identity provider (IdP).
    - Configure an Okta enterprise application
      You can integrate Okta with Vantage. To do this you must create an enterprise application in Okta and assign users to it.
    - Configure an Azure Active Directory enterprise application
      You can integrate Azure Active Directory with Vantage. To do this you must create an enterprise application in Azure Active Directory and assign users to it.
- User Guide
  Information about the main features of Vantage and the tasks that you can do from the user interface (UI).
- Print format documentation
  A list of all the print-format documentation that is available for Vantage.

Configure an Okta enterprise application

You can integrate Okta with Vantage. To do this you must create an enterprise application in Okta and assign users to it.

Okta groups are mapped to groups in Vantage using the group identifier. The group must exist in both Vantage and Okta and its Group ID in Okta must match its SAML Name or ID in Vantage. During authentication, Okta passes the Okta attribute statements defined for the authenticating user. Vantage ignores those for groups that don't match any of its own. For more details, see Group creation.

In the Okta Admin console, select Applications > > Create App Integration.
Select SAML 2.0.
Enter a name such as Vantage.
Select Next.
Enter the Single sign on URL that corresponds to the assertion consumer service (ACS) uniform resource locator (URL) for Vantage. For example: https://YOUR_VANTAGE_URL/api/v1/saml/auth
Enter the Audience URI. For example: https://YOUR_VANTAGE_URL/api/v1/saml/metadata
The Audience URI is also known as Audience Restriction or SP Entity ID.
Define Group Attributes Statements.

Note: Vantage authentication relies on group attribute statements. You must create such statements for all group that are used for authentication. Users that belong to the group pass the statement you define. XREF
After you have entered these values, confirm your choices and select Save.
Assign users to the enterprise application to grant them access. For more details, see the Okta documentation.
Download the Okta identity provider (IdP) metadata file.
1. In Okta, select the Vantage enterprise application's Sign On tab.
2. Select the Identity Provider Metadata link.
Save this file to a location that the browser that you use for Vantage can access.
Configure Vantage for SSO.