Okta Identity Engine - IdP MFA Setup Guide

Setup Steps

  1. In MetaDefender IT-OT Access, navigate to Secure Access > Access Methods > IdP MFA, and Enable IdP MFA


  1. Copy the Entity ID, Single Sign-On Url, and download the IdP Certificate. Then navigate to your Okta Administrator account.

  2. In Okta Admin, go to “Security > Identity Providers“ to setup OPWAT’s Compliance-Based IdP MFA


  1. Add Identity Provider, select “SAML 2.0 IdP“ and click "Next" button


  1. Fill in the information with the provided metadata from MetaDefender IT-OT Access


  1. Keep the default configurations in the Advanced Settings

  2. Download the SAML metadata of the new IdP

_

  1. Upload the Okta Metadata in MetaDefender IT-OT Access and Save



  1. In Okta, navigate to Security > Authenticators > Setup and click "Add authenticator"



  1. In the Security > Authenticators, select Enrollment tab and add a new MetaDefender IT-OT Access policy

  • It's recommended to assign none-admin group in this policy before testing all the configuration and flow.

  • Need to require "MetaDefender IT-OT Access (IdP)" and "Password" and disable other authenticators

  • Keep the default rule


  1. Configure your Global Session Policy.

  • It's recommended to assign to a none-admin group before testing the flow and policy

  • It's recommended to require MFA at every sign in



  1. Test your integration