Hello Dojo,
We are trying to configure our Okta SAML settings and had a questions regarding these URLS in the configuration.
https://help.dataminer.services/dataminer/#t=DataMinerUserGuide%2Fpart_3%2Fsecurity%2FConfiguring_external_authentication_via_an_identity_provider_using_SAML.htm
According to the documentation here.
3.Configure the SAML settings:
Single sign on URL
The location where the SAML assertion is sent with a POST operation.
•In this box, enter e.g. https://dataminer.example.com/root
•Select the following checkboxes:
•Use this for Recipient URL and Destination URL
•Allow this app to request other SSO URLs
•Enter the following additional URLs:
•https://dataminer.example.com/login
•https://dataminer.example.com/dashboard
•https://dataminer.example.com/monitoring
•https://dataminer.example.com/jobs
•https://dataminer.example.com/ticketing
Audience URI
The intended audience of the SAML assertion.
•In this box, enter https://dataminer.example.com/root
This is how it is configured currently by the team managing okta.
Should a customer replace "dataminer.example.com" in this URL with the IP or hostname of the DMA's?
Thanks in advance!
Hi Ryan,
Both are possible. But in case you want to enable https and make it public available in the future, it's better to configure the name known in the DNS.
At Skyline we used https://ziine.skyline.be. Not the IP address of the server, nor the hostname.
Note if you’re using failover with virtual IP, you’ll also have to add the URLs with the virtual IP address in the “Additional URLs”. For failover with hostnames, the virtual hostname.
Security tip: make sure WantAssertionsSigned is set to “true” in the service provider metadata XML file.