Community
Select to view content in your preferred language

Assistance Needed for Okta Integration with ArcGIS Enterprise OpenID

219
4
Jump to solution
10-03-2024 01:49 AM
Labels (1)
Labels
SreenivasaRaoPigili
by
Frequent Contributor
‎10-03-2024 01:49 AM

Hi All,

I hope this message finds you well.

We’re currently integrating Okta with our ArcGIS Enterprise v11.0 hosted in AWS. We’ve successfully created groups in SailPoint and configured Okta as our OpenID store, enabling users in the SailPoint groups to log in seamlessly through the organizational login process.

Now, we aim to automatically assign portal groups to users during login. For instance, we have a group in SailPoint named "app_administrators" and a corresponding group in the portal called "app_administrators" We would like all users in the SailPoint group to be automatically assigned to the corresponding portal group upon login.

While there is an option to sync with SAML-based logins, I haven’t found a similar option in the OpenID configuration GUI.

Could anyone provide guidance on how to achieve this? Thank you in advance for your help!

0 Kudos
1 Solution

Accepted Solutions
SreenivasaRaoPigili
by
Frequent Contributor
3 weeks ago

Hi All,

   Looks like OpenID is not allowing this kind of facility and We followed SAML approach and completed this activity. 

Marking this as resolved. Thank you all.

View solution in original post

0 Kudos
4 Replies
DennisSmith
by Esri Contributor
Esri Contributor
a month ago

Hello there I wanted to take a moment and let you know that you do have the option within the Portal to set 'New member defaults' you can see that here https://enterprise.arcgis.com/en/portal/latest/administer/windows/configure-new-member-defaults.htm

0 Kudos
SreenivasaRaoPigili
by
Frequent Contributor
4 weeks ago
Thank you DennisSmith for your reply. I understand that you’re suggesting we should map all new users into a single default group initially. However, our intention is to keep users like userA linked to groupA and userB linked to groupB. If we implement these default settings (i.e., groupDefault and roleDefault), all users will be assigned to groupDefault, leaving no option for them to be easily reassigned to their specific groups or roles without manual intervention. Please correct me if I’ve misunderstood your perspective. Thank you.
0 Kudos
DennisSmith
by Esri Contributor
Esri Contributor
4 weeks ago

Thanks for the message @SreenivasaRaoPigili You are correct that setting is more of a global setting and you are looking at a more granular account settings per individual. The method I provided is more of a cover-all type of setting that perhaps can be used to assign specific groups that all may get regardless but that is set per organization.

0 Kudos
SreenivasaRaoPigili
by
Frequent Contributor
3 weeks ago

Hi All,

   Looks like OpenID is not allowing this kind of facility and We followed SAML approach and completed this activity. 

Marking this as resolved. Thank you all.

0 Kudos