GitProtect EN
FREE TRIALOPEN SUPPORT CASE
  • Introduction
    • Planning & preparation
      • Supported Platforms
      • System Requirements
      • Backup Environment Planning
      • Licensing overview
      • Third-party libraries
  • Deployment and the storage overview
    • Deployment
      • GitProtect System Components & Architecture
      • Deployment models
      • GitProtect SaaS
        • Registration and overview
        • Registration from Marketplace and overview
        • Available regions
        • Cloud worker
      • GitProtect on-premise
        • Installation options & overview
          • Installation On Windows
          • Installation On Linux
          • Installation On Docker
          • Installation On QNAP NAS In Container Station
          • Installation On Synology NAS
          • Using your own SSL certificate
        • Updating GitProtect Management
          • Updating Management Service Installed On Windows
          • Updating Management Service Installed On Linux
          • Updating Management Service Running On QNAP NAS In Container Station
          • Updating Management Service Running On Synology NAS
        • Access GitProtect Management
      • GitProtect worker
        • GitProtect worker installation
          • GitProtect worker installation on Windows Server 2008R2 and Windows Server 2012
          • GitProtect Worker Installation On Windows Workstations & Windows Server 2012 R2+
          • GitProtect Worker Installation On MacOS
          • Running GitProtect Worker On Docker
          • Running GitProtect Worker On QNAP NAS
          • Running GitProtect worker on Synology NAS
          • GitProtect Worker Installation On Linux
        • Updating GitProtect worker
          • Updating GitProtect worker on Windows Server 2008R2 and Windows Server 2012
          • Updating GitProtect Worker On Windows Workstations & Windows Server 2012 R2+
          • Updating GitProtect Worker On Linux
          • Updating GitProtect Worker On MacOS
          • Updating GitProtect Worker On Docker
          • Updating GitProtect Worker On QNAP NAS
          • Updating GitProtect Worker On Synology NAS
        • Configuration
          • Logs location
          • How to restart the worker service
          • worker configuration
      • Log in to GitProtect
        • Log In With User Name And Password
        • Log In with SSO
        • Password Reset (on-premise, SaaS)
        • Log In With SAML
          • Auth0
          • Google
          • Azure AD
          • Okta
          • OneLogin
          • CyberArk
      • Getting started
    • Storage - backup destination
      • Storage Overview
      • Supported Platforms
      • On-site storage
        • Local Directory
        • SMB Share
        • NFS Share
        • MinIO S3
      • Cloud storage
        • GitProtect Cloud
        • AWS S3
          • Setting Up
          • Bucket & IAM Permissions
        • Wasabi
          • Setting Up
          • Permissions
        • Google Cloud Storage
          • Setting Up
          • Permissions
        • Azure Blob Storage
          • Configure a blob storage
          • Integration Methods
          • Setting Up
        • Backblaze B2
          • Setting Up
          • Permissions
        • S3 compliant
      • Replication
        • Overview & Requirements
        • Planning & Setting Up Replication Plan
      • Ransomware Proof Storage
  • Backup plan possibilities and the data solutions
    • Backup & recovery
      • How to plan your backups?
      • Backup plan overview
      • Predefined backup plans
      • Encryption & data security
      • Scheduler & data retention
      • Triggering backup tasks
      • Compression
      • Error handling
      • Azure DevOps backup & recovery
        • Integration prerequisites
          • Protected Azure DevOps resources / elements / metadata
          • Required permissions for Azure DevOps user, OAuth app and token
          • Azure DevOps API limitations
        • Adding Azure DevOps organization
          • Installing GitProtect worker
      • Azure DevOps Server backup & recovery
        • Integration prerequisites
          • Protected Azure DevOps resources / elements / metadata
          • Required permissions for Azure DevOps personal access token
          • API limitations
        • Adding Azure DevOps Server organization
          • Installing GitProtect worker
      • Bitbucket backup & recovery
        • Integration prerequisites
          • Protected Bitbucket Resources / Elements / Metadata
          • Required Permissions For Bitbucket Users and Token
            • Application password in Bitbucket
          • Bitbucket API Limitations
            • How To Reduce Or Avoid Its Impact?
        • Adding Bitbucket organization to GitProtect
          • Installing GitProtect worker
        • Additional Bitbucket users
          • Reasons to use additional users
          • How to prepare an additional account in Bitbucket?
          • How to configure in GitProtect?
        • Backup
          • Protected Bitbucket Resources / Elements/Metadata
          • Bitbucket Backup Process Overview
          • Setting up a backup plan
            • Worker and its license
            • Cloud to cloud backup
          • Enabling additional Bitbucket accounts for backup
          • Backup plan dashboard details
        • Recovery
          • Cross recovery options
          • Recovery process overview
          • Recovery Of A Single Repository To Git Service Or GitProtect Worker
          • Recovery Of A Mulitple Repository To Git Service Or GitProtect Worker
          • LFS recovery
          • Wiki recovery
        • Manage Bitbucket integration in GitProtect
          • Bitbucket organization dashboard
          • Editing and removing Bitbucket integration from GitProtect
          • Bitbucket repositories list and its synchronization
          • Repository’s dashboard overview
          • Enable\disable protection for Bitbucket repos - license assignment
        • Common issues
        • Use cases
      • Bitbucket DC backup & recovery
        • Integration prerequisites
          • Protected Bitbucket DC resources / elements / metadata
          • Required permissions for Bitbucket DC users and token
          • Supported versions of Bitbucket DC
          • Bitbucket DC rate limits
            • How to disable rate limitations in Bitbucket DC?
            • Additional Bitbucket DC users to reduce throttling impact
        • Adding Bitbucket DC instance to GitProtect
          • Installing GitProtect worker
        • Additional Bitbucket DC users\tokens
        • Backup
          • Protected Bitbucket DC resources / elements / metadata
          • Bitbucket DC backup process overview
          • Setting up a backup plan
          • Enabling additional Bitbucket DC accounts for backup
          • Backup plan dashboard details
        • Recovery
          • Cross recovery options
          • Recovery process overview
          • Recovery Of A Single Repository To Git Service Or GitProtect Worker
          • Recovery Of A Multiple Repository To Git Service Or GitProtect Worker
          • LFS recovery
        • Manage Bitbucket DC integration in GitProtect
          • Bitbucket DC organization dashboard
          • Editing and removing Bitbucket DC integration from GitProtect
          • Bitbucket repositories list and its synchronization
          • Repository’s dashboard overview
          • Enable\disable protection for Bitbucket DC repos - license assignment
        • Common issues
        • Use cases
      • GitHub backup & recovery
        • Integration prerequisites
          • Protected GitHub Resources / Elements / Metadata
          • Required Permissions For GitHub Users And Token
            • Personal Access Token in GitHub
          • GitHub API Rate Limits
            • How To Avoid Or Reduce Their Impact?
          • GitHub App overview
        • Adding GitHub organization to GitProtect
          • Install GitProtect Worker
        • Additional GitHub users
          • Reasons To Use Additional Users
          • How To Prepare An Additional Account And Personal Access Token In GitHub?
          • How To Add The Additional User To GitProtect?
        • Backup
          • Protected GitHub Resources / Elements / Metadata
          • GitHub Backup Process Overview
          • Setting up a backup plan
            • Worker And Its License
            • Cloud To Cloud Backup
          • Enabling Additional GitHub Accounts For Backup
          • Backup Plan Dashboard Details
        • Recovery
          • Cross recovery options
          • Recovery Process Overview
          • Recovery Of A Single Repository To Git Service Or GitProtect Worker
          • Recovery Of A Multiple Repository To Git Service Or GitProtect Worker
          • LFS Recovery
          • Wiki Recovery
        • Manage GitHub integration in GitProtect
          • GitHub Organization Dashboard
          • Editing And Removing GitHub Integration From GitProtect
          • GitHub Repositories List And Its Synchronization
          • Repository’s Dashboard Overview
          • Enable\Disable Protection For GitHub Repos - License Assignment
        • Common Issues
        • Use Cases
      • GitHub Enterprise self-hosted backup & recovery
        • Integration prerequisites
          • Protected GitHub Enterprise Self Hosted Resources / Elements / Metadata
          • Required Permissions For GitHub Enterprise Self-Hosted Token
        • Adding GitHub Enterprise Organization To GitProtect
          • Installing GitProtect Worker
        • Additional GitHub Enterprise self-hosted users
          • Reasons To Use Additional Users
          • How To Prepare An Additional Account And Personal Access Token In GitHub Enterprise Self-Hosted?
          • How To Add The Additional User To GitProtect?
        • Backup
          • Protected GitHub Enterprise Self Hosted Resources / Elements / Metadata
          • GitHub Enterprise Self-Hosted Backup Process Overview
          • Setting Up A Backup Plan
            • Worker And Its License
          • Enabling Additional GitHub Enterprise Self-Hosted Accounts For Backup
          • Backup Plan Dashboard Details
        • Recovery
          • Cross Recovery Options
          • Recovery Process Overview
          • Recovery Of A Single Repository To Git Service Or GitProtect Worker
          • LFS Recovery
          • Wiki Recovery
          • Recovery Of A Multiple Repository To Git Service Or GitProtect Worker
        • Manage GitHub Enterprise self-hosted integration in GitProtect
          • GitHub Enterprise Self-Hosted Organization Dashboard
          • Editing And Removing GitHub Enterprise Self-Hosted Integration From GitProtect
          • GitHub Enterprise Self-Hosted Repositories List And Its Synchronization
          • Repository’s Dashboard Overview
          • Enable\disable Protection For GitHub Enterprise Self-hosted Repos - License Assignment
        • Common Issues
        • Use Cases
      • GitLab cloud and self-managed backup & recovery
        • Integration prerequisites
          • Protected GitLab Resources / Elements / Metadata
          • Required Permissions For GitLab Users And Token
            • Personal Access Token in GitLab
          • GitLab Rate Limits
            • How To Avoid Or Reduce Their Impact?
        • Adding GitLab organization to GitProtect
          • GitLab Cloud
          • GitLab Self-managed
          • Installing GitProtect Worker
        • Additional GitLab Users
          • Reasons To Use Additional Users
          • How To Prepare An Additional Account And Personal Access Token In GitLab?
          • How To Add The Additional User To GitProtect?
        • GitLab repository backup
          • Protected GitLab Resources / Elements / Metadata
          • GitLab Backup Process Overview
          • Setting Up A Backup Plan
            • Worker And Its license
            • Cloud To Cloud Backup
          • Enabling Additional GitLab Accounts For Backup
          • Backup Plan Dashboard Details
        • GitLab Group Backup
          • Protected Resources
          • Group Backup Overview
          • Setting Up a Backup Plan
          • Backup Plan Dashboard Details
        • Repository recovery
          • Cross Recovery Options
          • Recovery Process Overview
          • Recovery Of A Single Repository To Git Service Or GitProtect Worker
          • Recovery Of A Multiple Repository To Git Service Or GitProtect Worker
          • LFS Recovery
          • Wiki Recovery
        • GitLab Group Recovery
          • Recovery Process Overview
          • Recover Selected Group To GitLab
        • Common Issues
        • Use Cases
      • Jira Backup & Recovery
        • Integration Prerequisites
          • Jira API Limitations
          • Protected Jira Resources
        • Adding Jira Organization To GitProtect
          • Installing GitProtect worker
        • Backup
          • Jira Backup Process Overview
          • Setting Up A Backup Plan
            • Worker And Its License
            • Cloud To Cloud Backup
          • Backup Plan Dashboard Details
        • Recovery
          • Recovery Process Overview
          • Recovery process
            • Recovery To Local Resources
            • Recovery To Jira Organization
        • Manage Jira integration in GitProtect
          • Editing And Removing Jira Integration From GitProtect
          • Jira Organization Dashboard
        • Common Issues
        • Use Cases
      • GitProtect API for DevOps Ecosystems
        • GitProtect REST API details
        • API Authentication
        • Available methods
        • Use cases
      • Backup deletion
        • General information and requirements
        • Delete all backups of a single resource
        • Delete all copies from a selected data store
        • Delete all versions of a single resource from the selected backup
        • Removing backups from AWS S3, Wasabi, Backblaze B2, and S3 compliant storage
  • Management
    • Logs
    • GitProtect tasks monitoring
      • List of current and past tasks
      • Task detailed information
        • Task details - Replication
        • Task details - Restore
        • Task details - backup
      • Audit log - general information
        • Log details
        • Advanced search engine
    • Notifications
      • Available notifications
      • E-mail notification configuration
        • Daily reports configuration
        • Notifications configuration - GitProtect SaaS
        • Notifications configuration - GitProtect on-premise
      • Slack notification configuration
        • How to create webhook URL in Slack?
      • Sending notifications to any webhook
        • Configuration
        • Notifications sent to webhook
    • Additional administrative accounts
      • Roles and permissions
      • Create additional account
      • Edit additional administrative account
      • Additional account removal
    • Password Manager - Safely Store All Your Secrets
      • Password Manager Overview
      • Add A New Password
      • Add A New Encryption Key
      • Edit Or Remove Existing Password
    • License Management
      • GitProtect On-Premise License Check
      • License Details
      • Force License Refresh
    • FAQ
      • How to enable HTTPS in case of on-premise installation?
      • How to change the port of GitProtect Management service?
      • Errors with branch protection rules and dependencies in GitHub backup
    • Best Practices And Use Cases
    • Known Problems
  • CHANGELOGS
    • GitProtect v1.8.5
    • GitProtect v1.8.0
Powered by GitBook
On this page
  • General requirements and limitations
  • Configuration
  • GitProtect side
  1. Deployment and the storage overview
  2. Deployment
  3. Log in to GitProtect
  4. Log In With SAML

Okta

This article contains information on how to configure the logging in process with SAML in case of the Okta.

PreviousAzure ADNextOneLogin

Last updated 2 years ago

General requirements and limitations

Logging into GitProtect using SAML-integrated identity providers should be initiated from the GitProtect panel.

Do not log in from the IdP panel (e.g. from the Okta panel) to the application defined for GitProtect.

Do not test the integration from the IdP panel (e.g., from the Azure panel), as this will initiate a login from the IdP panel.

PKCS #12 file with X.509 certificate and private key (mostly .pfx file, can be password protected) for signing on GitProtect side, must be included in IdP configuration in GitProtect. X.509 certificate file (mostly a .crt file) for signature verification on the IdP side, must be included in the application configuration defined in the Okta panel.

Both files contain the same certificate, and the PKCS #12 file additionally contains the private key to this certificate.

If the PKCS #12 file is password-protected, add this password to the IdP configuration in the GitProtect panel.

Configuration

In the Admin dashboard (which is available in the right-top corner of the window) move to the Applications tab and select the Applications page.

Now hit the Create App Integration button and select SAML 2.0.

In the General Settings tab specify the application name and move to the Configure SAML tab.

At the Configure SAML tab configure the Single sign-on URL parameter as below:

  • https://GitProtectManagementServiceURL/Auth/AssertionConsumerService

where:

  1. GitProtectManagementServiceURL - URL address to your GitProtect Management Service.

At the Audience URI type your application name (configured in the General Settings tab).

Now, hit the Show advanced settings button and attach the certificate file to verify your signature by selecting it in the Signature Certificate tab. After that, you will be able to check the Allow application to initiate Single Logout checkbox in the Enable Single Logout field - this is necessary.

When the Allow application to initiate Single Logout checkbox will be checked, the application with open the two additional fields - fill them as below:

  • Single Logout URL: https://GitProtectManagementServiceURL/auth/SAMLLogoutResponse

  • SP Issuer: MyOktaApp

where:

  • GitProtectManagementServiceURL - URL address to your GitProtect Management Service

  • MyOktaApp - Application name (configured in the General Settings tab).

Now, move to the Group Attribute Statements field and fill it as below:

  • Name: xoperogroup

  • Starts with: XONE

Now you can hit the Next button. In the next opened window, select I'm an Okta customer adding an internal app and hit the Finish button.

Open the created application and move to the Sign On page.

At the SAML Signing Certificates field, select the certificate and hit the Actions button -> View IdP metadata. Copy the link of the opened page - it will be required in the GitProtect app.

Now, move to the Assignment tab.

Assign the application to the selected user or group. To do it, hit the Assign button and decide, that you want to assign any selected user or whole group. Next, hit the Assign button on the right side of the opened window.

GitProtect side

Log into the GitProtect Web panel, go to the Settings tab and open the External Identity Providers section. Click Add new provider button and fill in the details.

At first, Name, which is your own custom name - i.e. Okta, then Entity ID, so in this example, it is MyOktaApp (Application name that we’ve set on the Okta side).

Next, paste the link of IdP metadata into the Metadata URL field.

Add the required certificate and add a password to the Safe Password Manager.

More about adding a new password to the Safe Password Manager you can read in the following article:

Set up a default Language and Role for the users with proper permissions and it's done! You can now log out of your account and test the configuration with your configured integration.

More about the Roles in GitProtect you can see in the following article:

Add A New Password
Roles and permissions
Xopero ONE Management Service URL