ManageIQ and Okta (SAML)


#1

Hi, I was wondering if anyone has managed to integrate their installation with Okta using SAML?

I have followed the guides (here) up to the point of generating the service provider xml files (*.key, *.cert and *metadata.xml). From there the guide is KeyCloak specific, so I used an Okta guide (here) to create the application in the Okta admin console and produced the IDP metadata which I then added to the idp-metadata.xml and placed in the directory (/etc/httpd/saml2).

I believe that should complete the setup, but when I turn on SAML auth in ManageIQ I get an internal server error when clicking the “Login to Corporate System” on the login page (output below).

ManageIQ is installed on a VM running a CentOS Linux release 7.3.1611 (Core) OS.

Does anyone know how I can effectively troubleshoot the logs? Any help appreciated…


#2

Turns out I needed to disable SELinux: if “getenforce” returns “Enforcing”, disable it with “sudo setenforce 0”.
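
Added example, not part of either post: SELinux records each denial as an AVC entry in the audit log (in Permissive mode as well as Enforcing), so the accesses refused to httpd can be summarised from those records. The helper names and the sample records below are constructed for illustration and are not taken from the poster's system.

```shell
#!/bin/sh
# Added example: summarise SELinux AVC denials recorded for httpd.
# summarize_httpd_avc and sample_audit_log are hypothetical helper names.

# Reads raw audit records on stdin; prints "count perms tclass target tcontext".
summarize_httpd_avc() {
    awk '
    function val(f) { sub(/^[^=]*=/, "", f); gsub(/"/, "", f); return f }
    /avc:/ && /denied/ && /comm="httpd"/ {
        perm = ""; target = ""; tctx = ""; tclass = ""
        for (i = 1; i <= NF; i++) {
            if ($i == "{") {
                # Permissions are listed between "{" and "}".
                for (j = i + 1; j <= NF && $j != "}"; j++)
                    perm = perm (perm ? "," : "") $j
            } else if ($i ~ /^(name|path)=/) target = val($i)
            else if ($i ~ /^tcontext=/)      tctx = val($i)
            else if ($i ~ /^tclass=/)        tclass = val($i)
        }
        count[perm " " tclass " " target " " tctx]++
    }
    END { for (k in count) print count[k], k }
    ' | sort -rn
}

# Constructed sample records (not taken from the poster's system).
sample_audit_log() {
    cat <<'EOF'
type=AVC msg=audit(1500000000.101:401): avc:  denied  { read } for  pid=1234 comm="httpd" name="idp-metadata.xml" dev="dm-0" ino=7890 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
type=AVC msg=audit(1500000005.202:402): avc:  denied  { read } for  pid=1240 comm="httpd" name="idp-metadata.xml" dev="dm-0" ino=7890 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
type=AVC msg=audit(1500000009.303:403): avc:  denied  { getattr } for  pid=1240 comm="httpd" path="/etc/httpd/saml2/idp-metadata.xml" dev="dm-0" ino=7890 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
type=AVC msg=audit(1500000011.404:404): avc:  denied  { write } for  pid=2000 comm="sshd" name="tmpfile" dev="dm-0" ino=1 scontext=system_u:system_r:sshd_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
EOF
}

# On a live host (as root): ausearch -m avc -ts recent --raw | summarize_httpd_avc
sample_audit_log | summarize_httpd_avc
```

The last column is the SELinux label on the object httpd was refused; `ls -Z /etc/httpd/saml2` shows the labels currently on the SAML files for comparison.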