SAML with Okta

To configure SAML with Okta for erwin Mart Portal authentication, follow these steps:

1. Log in to the Okta environment.

   

2. Click Applications > Applications > Create application.

   

3. Enter Name for your application.

4. Under application type, select Regular Web Applications.

5. Click Create.

   

6. Click Addons > SAML2 Web App.

   

7. Click Settings.

   

8. Uncomment line number 4, 6, 11, and 12.

9. Download the SP Metadata file (erwin Mart Portal) Configuration > Authentication > Download SP Metadata and open it in any text editor and copy the URL in the last line as highlighted in the following image.

   

10. On the Addon: SAML2 Web App screen, paste the copied URL in the Application Callback URL field.

11. Scroll down and click Enable. Then, click Save.

    

12. On the menu, click User Management > Users > Create Users.

    

13. Enter appropriate values in the required fields and click Create.

14. On the menu, click User Management > Users > Roles > Create Roles.

    

15. Enter appropriate values to the required fields and click Create. Then, click Save.

16. On the Roles page, click . Then, click Assign To Users.

    

17. Under Select users, select the required user and click Assign.

18. On the Users page, click a user.

19. On the Details tab, scroll to the Metadata section.

    

20. Under app_metadata, add the following and click Save.
    "groups": [

    "QA",

    "Modeler"

    ]

    

21. On the menu, click Applications > Applications and open your application.

22. Scroll down to the Advanced Settings section.

    

23. Click Endpoints and scroll to the SAML section.

    

24. Copy the SAML Metadata URL.

25. Go to your Okta Auth0 environment. Open your application, and then click Addons.

26. Click SAML2 Web App > Settings.

27. Copy the email and groups values.

    

    Similarly, you can add a display name here.

28. Depending on your Mart version, do one of the following:

    • For Mart Portal on-premises, on the erwin Mart PortalConfiguration screen, click the Authentication tab, and then follow these steps:

      1. In the Metadata XML field, paste the copied SAML Metadata URL copied in step 24.

      2. In the Group Attribute Name, User Email Attribute Name, and User Display Name Attribute Name fields, enter the values that are configured in step 27.

         

         The User Email Attribute Name and User Display Name Attribute Name fields are optional.

    • For Mart Portal on cloud, share the following details with the Mart Cloud Support team:

      • Metadata XML URL

      • Group Attribute Name

      • User Email Attribute Name

      • User Display Name Attribute Name

      Once the support team authenticates erwin Mart Portal for you, you can move to adding groups in erwin Mart Portal at https://<your_instance>.myerwin.com/MartPortal.

Adding Groups in erwin Mart Portal

To add your Okta SAML groups to erwin Mart Portal, follow these steps:

1. Create a CSV file in the following format: <group_attribute_value>,<group_display_name>.

2. Log in to the erwin Mart Portal as an administrator.

3. Go to Application Menu > Users.
   The Users page appears.

   

4. Click Add User.
   The Add User page appears.

   

5. Under User Type, select SAML Group

   

6. Drag and drop the CSV file that you created in step 1.

7. Under Group name, select the required group.

8. In the Email Address field, enter your email address.

9. Click Save.

The group has been added.