Home
EN
Location
Documentation Home
Palo Alto Networks
Support
Live Community
Knowledge Base
MENU
Home
Security Operations
Cortex XSOAR
Cortex XSOAR Administrator’s Guide
Users and Roles
Authenticate Users with SAML 2.0
Set up Okta as the Identity Provider Using SAML 2.0
Configure the SAML 2.0 Integration for Okta
SAML 2.0 Okta Parameters
Document:
Cortex XSOAR Administrator’s Guide
SAML 2.0 Okta Parameters
Download PDF
Last Updated:
Mar 5, 2022
Current Version:
6.0 (EoL)
Version 6.6
Version 6.5
Version 6.2
Version 6.1 (EoL)
Version 6.0 (EoL)
Version 5.5 (EoL)
End-of-Life (EoL)
Previous
Next
SAML 2.0 Okta Parameters
Describes the SAML 2.0 parameters for Okta as an identity provider.
The following table describes the SAML 2.0 parameters for Okta, when adding a new instance in Cortex XSOAR:
Attribute
Description
Name
A name for the integration instance.
Service Provider Entity ID
The URL of your Cortex XSOAR server (also known as an ACS URL). In the format: https://yourdomain.com/saml
IdP metadata URL
URL of your organization’s IdP metadata file. You can find this in the
Sign On
tab in Otka or when defining an Okta application, as described in
Define the Okta Application to authenticate Cortex XSOAR
.
IdP metadata file
Your organization’s IdP metadata file. You either need to add the IdP metadata URL or the file.
IdP SSO URL
The URL of the IdP application that corresponds to Cortex XSOAR. You can copy and paste the IdP SSO URL in Okta, when clicking
View Setup Instructions
.
Attribute to get username
Attribute in your IdP for the user name.
Attribute to get email
Attribute in your IdP for the user's email address.
Attribute to get first name
Attribute in your IdP for the user's first name.
Attribute to get last name
Attribute in your IdP for the user's last name.
Attribute to get phone
Attribute in your IdP for the user's phone number.
Attribute to get groups
Attribute in your IdP for the groups of which the user is a member.
Groups delimiter
Groups list separator.
Default role
Role to assign to the user when they are not a member of any group.
RelayState
Only used by certain IdPs. If your IdP uses relay state, you need to supply the relay state.
Sign request and verify response signature
Method for the IdP to verify the user sign-in request using the IdP vendor certificate.
Identity Provider public certificate
Public certificate for your IdP.
Private key
Service Provider Private key (pem format).
Do not map SAML groups to Cortex XSOAR roles
SAML groups will not be mapped to Cortex XSOAR roles.
Previous
Next
Recommended For You
Recommended Videos
Recommended videos not found.