As a service provider, PAS for OpenEdge works with an identity provider to authenticate and authorize a user's information. The identity provider needs to be configured to communicate with the service provider and store user details. The identity provider is Okta. Complete the following step to configure the identity provider.

  1. In Okta, select Applications and then click Create New App.
  2. In the Sign-in method dialog, select SAML 2.0 and then click Next.
  3. In General Settings, in the App name, type PASOE-SAML-SSO and then click Next.
  4. In Configure SAML, enter the following values based on the use case and then click Next.
    Table 1. Okta settings
    Okta setting Value from use case
    Single sign on URL http://machine123:8810/saml2/login/oepas1
    Audience URI (SP Entity ID) /saml2/metadata/oepas1
    Note: This is not required to match the instance name.
    Application username Email
    Attribute Statements (optional) NameuserAuthorities

    Name format Unspecified

    Value PSCUser
  5. In Feedback, select I'm a software vendor. I'd like to integrate my app with Okta and then click Finish.
  6. In Sign On, right-click the Identity Provider metadata to copy the link that must be used to configure PAS for OpenEdge.
  7. Assign users to the new application.
    1. Click People.
    2. Click Add Person.
    3. Click on a specific user. For example user123@acme.com.
    4. Click Assign Applications.
    5. In the search dialog box, locate the PASOE-SAML-SSO application created earlier.
    6. Click Save and Go Back.
    7. Click Done.