Article Overview:
This article will cover how you can achieve the following:
This article will describe how to log in to Virtuoso when it has been integrated with Okta (SAML) and user face issues while logging in.
Problem Statement:
Users experience difficulties logging into Virtuoso via Okta using SAML due to AWS Cognito's limitation, which only supports Service Provider (SP) initiated authentication flows. This causes issues when trying to log in directly through Okta.
This article provides a workaround to resolve the issue by hiding the Virtuoso SAML app from the Okta dock and using a bookmark to allow users to log in without initiating the process from Okta.
Solution:
The workaround involves hiding the Virtuoso SAML app from user docks in Okta and adding a bookmark instead. This allows users to log in to Virtuoso without starting the authentication in Okta.
1. Hide the Virtuoso SAML 2.0 App in Okta
- Log in to the Okta admin dashboard.
- Navigate to Applications and find the Virtuoso SAML 2.0 app.
- Click on the Virtuoso SAML 2.0 app and select the General tab.
- Click Edit.
- Check the Do not display application icon to users checkbox.
- Click Save.
2. Add a Bookmark in Okta for Virtuoso
- Copy the organization slug from the organization settings page in Virtuoso.
- Log out from Virtuoso.
- Open https://app.virtuoso.qa/#/<slug>/login in your browser, replacing <slug> with the copied slug.
- Right-click and inspect the Login with Single Sign On button to find the <a> element.
- Copy the link in the href property. Note: This URL is very long and contains critical query parameters. Ensure the entire link is copied without truncation.
3. Create the Bookmark in Okta
- Log in to the Okta admin dashboard.
- Navigate to Applications.
- Click Browse App Catalog.
- Search for the Bookmark App.
- Click the Bookmark App.
- Click Add Integration.
- In the Application Label, enter "Virtuoso".
- In the URL field, paste the URL copied in step 5 above of Add a Bookmark in Okta for the Virtuoso section.
- Click Save.
- (Optional) Add the Virtuoso logo to the bookmark by downloading the image and adding it to the bookmark logo.
- Click Assign and select the users or groups you want to assign the bookmark to.
Troubleshooting
If users can log in from Virtuoso using https://app.virtuoso.qa/#/<slug>/login but receive a 404 error when using the bookmark in Okta, the bookmark link might be invalid.
This usually happens if the link is truncated or altered. Repeat the process on the same machine to ensure the correct link is set up in Okta.
Comments
0 comments
Please sign in to leave a comment.