Enabling Okta for Single Sign-On

Enabling Okta for Single Sign-On

To enable Okta:

  1. Go to Organization Settings > Organization Account
    This option is available only for Owners.
  2. Select the Authentication tab, then click Change provider and follow the instructions.



  3. On the Authentication provider screen, select Okta, then click Next.




    1. Go to Applications and click 
      Create App Integration.
      Create a new app if there is already an app listed.


    2. Select the SAML 2.0 sign-on method and create an application.


    3. In the Create SAML Integration wizard, under the General Settings step, enter the App name.


    4. In the Configure SAML step:
      1. Enter the Attribute Statements as shown below.
      2. Fill the other required fields (e.g., Single Sign-On URL, Audience URI) with temporary/random values, as they will be updated later The Attribute Statements will be required again during the Additional Info 
        step.




    5. Complete the application creation flow.

    6. In the SAML Signing Certificates section, from the Actions drop-down, select View IdP metadata.
      The IdP metadata opens in a separate tab in browser.


    7. Download the page information to your computer. This file will serve as the IDP Configuration file which is required to change organization’s authentication type to OKTA.


    8. To allow users to log in with OKTA:
      1. Create and assign users to your OKTA app.
      2. Add the same users to the software portal.
      NotesThe email addresses must match exactly in both the Portal and OKTA.

    9. To add a user
      1. Navigate to Directory > People.
      2. Click Add Person, fill in the required fields, and click Save
        .


    10. In Additional Info window:
      1. Enter User ID SAML attribute (givenName or email) 
      2. Upload IDP configuration file.


    11. Verify that all user emails are correct. Update them if necessary.


    12. Copy the Redirect URL.
      This is required during OKTA setup process within OKTA (https://okta.com). Click Close to complete the SSO setup process.


    13. Paste the Redirect URL, copied from Step 16, into Single Sign-on URL and Audience URI to complete the SSO setup.


    14. The OKTA setup is complete.


      • Related Articles

      • Setting Up LDO ServiceNow Integration

        Prerequisites Before configuring the integration between LDO and ServiceNow, ensure the following prerequisites are met to establish proper synchronization: Terminology Alignment In LDO, a physical device (such as a laptop, desktop, or server) is ...

      • LDO DEX (SysTrack)

        Lenovo Device Orchestration can be bundled with various Digital Experience Management (DEX) solutions. Currently, LDO supports integration with SysTrack by Lakeside Software. Integrations with SysTrack The LDO DEX (SysTrack) bundled solution includes ...

      • Editing Your Profile

        To access your profile, click on the small down arrow to the right of your user icon and select My Profile. Information tab Photo Depending on your organization’s policy, the software allows you to add an avatar or picture for easier visual ...

      • Setting Up Organization Accounts

        Accessing Your Account When your organization's portal is created, a single administrative account will be created. The IT Owner (Org Admin) specified to Lenovo at the time of sale will receive a Lenovo Device Orchestration (LDO) e-mail indicating ...

      • Using Policy Management

        Policy Management provides customized settings for LDO organizations. This feature is available only for Org Admins and MSP Admins. Feature Settings To access Policy Management settings, navigate to Policy Management > Feature Settings in the left ...