How to configure Okta with “SAML 2.0” as the Authentication Method

In this quick tutorial, we will show how to properly configure Okta SAML for Thinfinity Remote Desktop Server v4.0 and Thinfinity VirtualUI v2.5.

Navigate to your Okta space (or start a free trial to test this feature), go to the Applications tab, and create a new application using the “Create New App” button:

How to configure okta

2) Select OpenID Connect as the Authentication Method:

Configure Okta SAML for Thinfinity Remote Desktop Server and Thinfinity VirtualUI.

3) Assign a name to the application.

Configure Okta SAML for Thinfinity Remote Desktop Server and Thinfinity VirtualUI.

4) Configure the “Single sign-on URL” and “Audience URI” .

    The “Single Sign-on URL” address should be the following:
    https://[MyThinfinityWebSite]/SAMLAssertionConsumerService

    The Audience URI should be the URI used to connect to Thinfinity:
    https://[MyThinfinityWebSite]/

Configure Okta SAML for Thinfinity Remote Desktop Server and Thinfinity VirtualUI.

5) Choose the Feedback options that apply to your application:

Configure Okta SAML for Thinfinity Remote Desktop Server and Thinfinity VirtualUI.

6) Now that the application is created, it should redirect you to the “Settings” window. Click on “View Setup Instructions” for further information:

Configure Okta SAML for Thinfinity Remote Desktop Server and Thinfinity VirtualUI.

In here you will get the “Identity Provider Single Sign-on URL”, the Identity Provider Issuer, and the Certificate provided by Okta.

Configure Okta SAML for Thinfinity Remote Desktop Server and Thinfinity VirtualUI.

7) Now, open the Thinfinity Remote Desktop Server Manager or Thinfinity VirtualUI Server manager, navigate to the “Authentication” tab, press the “Add” option and click on “SAML”:

Configure Okta SAML for Thinfinity Remote Desktop Server and Thinfinity VirtualUI.

8) In here, you will have to add the different values provided by Okta in order to enable SAML:

    Service Identifier = Audience URI (SP Entity ID)
    Service Certificate File = Your certificate’s file.
    Service Certificate Password = Your certificate’s password.

    Identificacion Entity ID = Identity Provider Issuer

    Single Sign-On Service URL = Identity Provider Single Sign-On URL
    Sign-Out URL = This value is optional.
    Partner Certificate File = X.509 Certificate provided by Okta.

Below you’ll find an example on how it should look like :

Configure Okta SAML for Thinfinity Remote Desktop Server and Thinfinity VirtualUI.

After you finish adding all those values, press “Ok”.

10) Click on the “Mappings” tab and then press “Add” under the Authentication ID Mask.

Add the email address of the Okta user you want to validate and press “Ok”.
Then, under the “Associated Permissions” field, press on the “Add” button and search for the Active Directory User.

    Thinfinity Remote Desktop Server:

    Configure Okta SAML for Thinfinity Remote Desktop Server and Thinfinity VirtualUI.

    Thinfinity VirtualUI:

    Configure Okta SAML for Thinfinity Remote Desktop Server and Thinfinity VirtualUI.

11) After you add the appropriate mappings, click on the “Apply” button.

12) Navigate to the Thinfinity’s landing page, and you should see the “Login With SAML” option listed as an Authentication Method.

Login with Okta SAML for Thinfinity Remote Desktop Server and Thinfinity VirtualUI.

Quick Tip: Learn how to configure Duo 2FA and how to configure Okta with OpenID Connect as the Authentication Method.

Have any questions? Contact us at support@cybelesoft.com or leave a message on this same post.

Related Posts

Leave a comment