Migrating LDO to Okta

Migrating LDO to Okta

To migrate LDO to OKTA, follow these steps.

  1. Go to Organization Settings > Organization Account
    Notes
    This option is available only for Owners.

  2. Select the Authentication tab, then click Change provider and follow the instructions.


  1. On the Authentication provider screen, select Okta, then click Next.


  2. Log in to Okta (https://okta.com/login).


    1. Go to Applications and click Create App Integration.
      Notes
      Create a new app if there is already an app listed.


    2. Select the SAML 2.0 sign-on method and create an application.


    3. In the Create SAML Integration wizard, under the General Settings step, enter the App name.


    4. In the Configure SAML step:
      1. Enter the Attribute Statements as shown below.
      2. Fill the other required fields (e.g., Single Sign-On URL, Audience URI) with temporary/random values, as they will be updated later The Attribute Statements will be required again during the Additional Info step.




    5. Complete the application creation flow.

    6. In the SAML Signing Certificates section, from the Actions drop-down, select View IdP metadata.
      The IdP metadata opens in a separate tab in browser.


    7. Download the page information to your computer. This file will serve as the IDP Configuration file which is required to change organization’s authentication type to OKTA.


    8. To allow users to log in with OKTA:
      1. Create and assign users to your OKTA app.
      2. Add the same users to the software portal.
      NotesThe email addresses must match exactly in both the Portal and OKTA.

    9. To add a user
      1. Navigate to Directory > People.
      2. Click Add Person, fill in the required fields, and click Save.


    10. In Additional Info window:
      1. Enter User ID SAML attribute (givenName or email) 
      2. Upload IDP configuration file.


    11. Verify that all user emails are correct. Update them if necessary.


    12. Copy the Redirect URL.
      This is required during OKTA setup process within OKTA (https://okta.com). Click Close to complete the SSO setup process.


    13. Paste the Redirect URL, copied from Step 16, into Single Sign-on URL and Audience URI to complete the SSO setup.


    14. The OKTA setup is complete.


      • Related Articles

      • Setting Up LDO ServiceNow Integration

        Prerequisites Before configuring the integration between LDO and ServiceNow, ensure the following prerequisites are met to establish proper synchronization: Terminology Alignment In LDO, a physical device (such as a laptop, desktop, or server) is ...

      • Using the Dashboard in LDO

        The Dashboard is the home page of Lenovo Device Orchestration, providing an at-a-glance overview of the devices in your organization and related information. It consists of multiple widgets, each representing a different category of device ...

      • Intel® EMA CIRA Connection Issues in LDO

        There may be occasions when the EMA CIRA connection will display the status as Not Connected in the Device tray - please refer to Viewing Device information - Windows operating system. This troubleshooting article will help you resolve the Not ...

      • Editing Your Profile

        To access your profile, click on the small down arrow to the right of your user icon and select My Profile. Information tab Photo Depending on your organization’s policy, the software allows you to add an avatar or picture for easier visual ...

      • Generating API Credentials

        This article provides a step-by-step guide on how to generate and manage API credentials for Lenovo Device Operations (LDO) portal. It covers the process of creating Client ID and Secret Key, obtaining a Bearer Token for authentication, and accessing ...