Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: First published version


Okta is an enterprise-grade, identity management service, built for the cloud, but compatible with many on-premises applications. With Okta, IT can manage any employee's access to any application or device. Okta runs in the cloud, on a secure, reliable, extensively audited platform, which integrates deeply with on-premises applications, directories, and identity management systems.


Configuring Okta

1) In Okta, create Enterprise Tester integration using SAML 2.0.


2) In Okta the SAML General Settings need to contain the following.


3) Make sure you record IDP information when selecting the "View Setup Instructions".



Configuring Enterprise Tester to use Okta


  • IDP
  • X.509 Certificate


1) Enable SAML Support


<add key="SAML.Enabled" value="true" />

2) IDP Issuer 

<add key="SAML.Issuer"value="<IDP Issuer>"/>




<add key="SAML.IDP"value="<IDP SSO URL>"/>

4) X.509 Certificate


<add key="SAML.Certificate"value="<X.509 Certificate>"/>

SHA-256 XML Signature Support

SAML 2.0 uses the SHA-256


encryption protocol if this is not enabled on your server you will need to

do the following.


On the Enterprise Tester server:

  1. Download CLR Security Update

  2. Download GACUTIL from here:

  3. Extract Security.Cryptography.dll assembly

  4. Add Security.Cryptography.dll to GAC


    full path... gacutil.exe /i Security.Cryptography.dll
  5. View Security.Cryptography.dll assembly


    gacutil.exe /l Security.Cryptography
  6. Update machine.config in C:\Windows\Microsoft.NET\Framework\v4.0.30319\Config and C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config. Insert the following code block after <system.web> section in <configuration>


            <cryptoClass RSASHA256SignatureDescription="Security.Cryptography.RSAPKCS1SHA256SignatureDescription, Security.Cryptography, Version=, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
          <nameEntry name=""class="RSASHA256SignatureDescription"/>




enable it.