Required Okta Settings for SSO Responses to Arctera Unified Platform

book

Article ID: 100044175

calendar_today

Updated On:

Description

Error Message

No particular error will appear, but the verified SSO session should allow users access without signing in through the Arctera Unified Platform login gateway. 

Cause

This is typically due to a digital signature being excluded from the Okta SAML response to the Arctera Unified Platform authentication servers.

Resolution

Ensure the following fields are set accordingly in the Okta administration console, under settings for the Arctera Unified Platform application:

Response - Unsigned

Assertion Signature - Signed

Signature Algorithm - RSA_SHA256

Digest Algorithm - SHA256

Note:  All SSO providers must provide signatures in responses to SAML requests by Arctera Unified Platform, or those requests would fail.  This particular article focuses on the proper implementation of signatures in those responses with Okta.

Issue/Introduction

Organizations using Okta for Single Sign-On (SSO) functionality with Arctera Unified Platform could be re-directed to the Login Gateway for any Arctera Unified Platform web pages such as Personal Archive, eDiscovery, or the Management Console.