Configure Okta as a SAML source
Create the SAML 2.0 application in Okta
- Navigate to Applications and click Create App Integration.
- Click SAML 2.0 as the Sign-In method.
- Click Create your own application.
- Name the application. We recommend Rapid7 InsightVM Console.
- Click Next.
- In the Single sign on URL field, paste the InsightVM Console ACS URL:
https://<console-hostname>:<console-port>/saml/SSO
- If the ACS URL contains a hostname/FQDN, set a Base Entity URL in the InsightVM Security Console.
- In the Audience URI (SP Entity ID) field, paste the entity ID that you copied from the Security Console (http://rapid7.com/nsc/console/…).
- Set the Name ID format to EmailAddress.
- Set Application username to Email.
- (Optional) Add a custom Attribute Statement and set it to:
emailaddress > unspecified > user.mail
- Click Next and then click Finish.
Copy and upload IDP metadata
- Navigate to the Sign On tab of your newly configured Okta application.
- Under Settings, click View Setup Instructions.
- In the Optional section, copy the contents of the IDP metadata field.
- In the Security Console, go to the Administration page.
- In the Console section, click Authentication: 2FA and SSO.
- Click Configure SAML Source.
- Click Choose File and select the metadata file.
- Click Save.
- Restart the console services.
Create a user in the Console
- On the Administration page, under User Management, click Add User.
- Complete the required User Information fields. The E-mail address field is case sensitive, and must exactly match the existing IdP user account email value.
- Select SAML Authorization Method > SAML.
- Select the User Role.
- Assign Site and Asset Group Permissions.
- Click Save.
Authenticate to InsightVM using SAML
- Log in to your Okta application landing page.
- Select the Rapid7 InsightVM Console tile.