Okta Identity Engine - IdP MFA Setup Guide

Setup Steps

  1. In MetaDefender IT-OT Access, navigate to Secure Access > Access Methods > IdP MFA and enable IdP MFA.
  2. Copy the Entity ID and Single Sign-On URL, and download the IdP Certificate. Then navigate to your Okta Administrator account.
  3. In Okta Admin, go to "Security > Identity Providers" to set up OPSWAT's Compliance-Based IdP MFA.
  4. Add an Identity Provider, select "SAML 2.0 IdP", and click the "Next" button.
  5. Fill in the information with the metadata provided by MetaDefender IT-OT Access.
  6. Keep the default configurations in the Advanced Settings.
  7. Download the SAML metadata of the new IdP.
  8. Upload the Okta metadata in MetaDefender IT-OT Access and save.
  9. In Okta, navigate to Security > Authenticators > Setup and click "Add authenticator".
  10. In Security > Authenticators, select the Enrollment tab and add a new MetaDefender IT-OT Access policy.
     • It is recommended to assign a non-admin group to this policy before testing the whole configuration and flow.
     • Require "MetaDefender IT-OT Access (IdP)" and "Password", and disable the other authenticators.
     • Keep the default rule.
  11. Configure your Global Session Policy.
     • It is recommended to assign it to a non-admin group before testing the flow and policy.
     • It is recommended to require MFA at every sign-in.
  12. Test your integration.