09-04-2015 05:29 AM
Hopefully someone can help me as I am really struggling.
We are trying to get CPPM to authenticate users to Salesforce and Box using Okta. I have followed the SAML config guide but, if I'm honest, I don't get it!
We have set up ClearPass as an endpoint in Okta and then tried various things like putting the Okta URL in the SSO profile on the controller, creating SSO services in CPPM etc. But when users connect and go to the Okta sign-in page, nothing happens. I would expect to at least see an auth attempt in Access Tracker but nothing.
Any help would be gratefully accepted.
09-13-2015 07:59 AM
Could you provide some more detail on how a user starts this process, for example?
Have you been working with this:
or not at all?
09-14-2015 03:38 AM
We had a lot of issues with this and are still not quite there. When the user has completed dot1X auth, they could go to their Okta sign-in page and should have been authenticated properly. However, that was failing as apparently Okta requires an email address rather than an AD username. We are working with the end user's Okta expert currently to see how we can get round this (although, with TAC help, we can authenticate our users using their email address instead of AD username).
We believe we have the ClearPass/mobility controller config correct though.