• Cloud Edge Secure Access
• Welcome to SonicWall Cloud Edge!
• Prerequisites
• Installation
  • Accessing the Client Management Console
  • Installation Methods
• Networks
  • Understanding Networks
  • SDP Networks
  • Regions and Gateways
    • Adding a region
    • Adding a gateway
  • Connecting Infrastructure
    • Prerequisites
    • Site-to-Site Connections
    • IPsec Tunnel
    • WireGuard Connector
    • Connect On-Prem Resources
      • Firewalls
        • SonicWall
    • Connect Cloud Resources
      • Amazon AWS
        • AWS Virtual Gateway
        • AWS Transit Gateway
      • Alibaba Cloud
      • Microsoft Azure
      • Google Cloud Platform
      • Heroku Enterprise
      • IBM Cloud
      • Docker
• Groups and Members
  • Members
    • Inviting Members
    • Password Requirements
    • Managing Roles
  • Groups
    • Managing Groups
    • Identity Provider Groups
  • Identity Providers (IdP)
    • Integrate Identity Providers
    • Azure AD
      • Azure Active Directory (SAML 2.0)
      • Azure Active Directory
    • Google Suite
      • Google Services
      • Google Apps (SAML 2.0)
    • On-Premises Active Directory
    • SAML 2.0
      • Generic SAML
      • Active Directory Federation Services (ADFS)
      • Auth0
      • Okta
      • OneLogin
      • PingIdentity
      • JumpCloud
• Securing the Platform
  • Securing Networks
    • Segmenting Networks
    • Device Posture Check
    • Network Traffic Control
    • Firewall-as-a-Service
  • Securing User Access
    • Multi-Factor Authentication
      • MFA Authentication
      • DUO Security
    • Agent-less Access
      • Zero Trust Application
        • HTTP/HTTPS
        • RDP (Remote Desktop Protocol)
        • SSH (Secure Shell)
        • VNC (Virtual Network Computing)
      • Zero Trust Policies and Rules
    • Agent-based Access
      • SonicWall Agents
        • Downloading and Installation
      • Agents Configuration
        • User-Groups Policies
        • Managing Configurations
        • General Configurations
        • Network Configuration
        • OS-Specific Configurations
• Monitoring
  • Activity Tracking
    • Activities and Logs
    • Member Devices
  • Monitoring Dashboard
  • Integrations
    • Amazon S3
    • Azure Sentinel
    • Splunk Cloud
• Compliance
  • HIPAA
  • GDPR
  • SOC 2 Type 2
• SonicWall Support
  • About This Document

Okta

This article describes how to set Okta as your identity provider.

• Configuring your Okta account
• Configuring SonicWall Cloud Edge
• Access Error troubleshooting

Please follow the steps below:

To successfully integrate Okta and SonicWall Cloud Edge you must have admin access in both platforms.

Configuring your Okta account

1. Log in to your Okta account.
2. On the general Okta dashboard, select Dashboard. This takes you to the Okta Admin Dashboard.

3. Using the list of shortcuts at the right-hand side of the screen, select Add Applications.

   

4. On the Add Application page, select Create New App.

   

5. On the Create a New Application Integration pop-up window, select Web as the Platform for your application and choose SAML 2.0 as the sign-on method. Select Create to proceed.

   

6. You will now create your SAML integration. On the General Settings page, provide the following:

   • App name: Your choice
   • App Logo: (Optional)
   • App visibility: select whether you want your users to see your application icon and in what settings.

7. Select Next to proceed.

   

8. Next, you will see the SAML Settings page. Enter the following values into the appropriate fields:

   Single sign-on URL : https://auth.sonicwalledge.com/login/callback?connection=tenantname-oc

   Audience URI (SP Entity ID): urn:auth0:sonicwall-production:tenantname-oc

   For example, tenantname.sonicwalledge.com workspace should translate to

   urn:auth0:sonicwall:tenantname-oc

   

9. You will also need to add the following Attributes Statement:

   • Name: email
   • Name format (optional): Unspecified
   • Value: ${user.email}
   • Name: given_name
   • Name format (optional): Unspecified
   • Value: ${user.firstName}
   • Name: family_name
   • Name format (optional): Unspecified
   • Value: ${user.lastName}

   

10. Now add the Group Attribute statement:

    • Name: groups
    • Name format (optional): Unspecified
    • Filter type: Matches regex
    • Value: .*

    

11. You can select Preview the SAML assertion to generate an XML file that can be used to verify that your provided settings are correct.
12. Select Next to proceed.
13. Finally, answer Are you a customer or partner? by selecting I'm an Okta customer adding an internal app.

14. Select Finish (filling in the questions on this page is not mandatory).

    

    You'll be directed to the Sign-On page for your newly-created app.

15. Select Assignment then Assign to create either groups or individual assignments from your Identity Provider to the application (this will determine who can access it).

    

16. Select Sign-On and then View Setup Instructions to complete the process.

    

17. Take note of the Identity Provider Single Sign-On URL, and download or copy the X.509 certificate.

    

Configuring SonicWall

You need to configure the integration from the SonicWall Cloud Edge side.

1. Log in to your SonicWall Cloud Edge Management Platform, and navigate to Settings and then Identity Providers.

   

2. Select + Add Provider.
3. Select Okta Identity Cloud.
4. Fill in Sign In URL and X.509 Signing Certificate you previously copied.

5. Add your organization domain.

   

6. Select Done.

Access Error troubleshooting

If your users are getting access error after the configuration, please check these steps.