My Oracle Support Banner

OBIEE 12c : How To Configure SAML SSO on OBIEE 12c With OKTA Identity Provider (IdP) (Doc ID 2348673.1)

Last updated on MARCH 13, 2018

Applies to:

Business Intelligence Suite Enterprise Edition - Version and later
Information in this document applies to any platform.


The main purpose of the document is to provide the configuration steps to implement Security Assertion Markup Language (SAML) 2.0 Web Single Sign On (SSO) for OBIEE 12c using OKTA as Identity Provider (IdP).   If you encounter issues while implementing these steps, then they are not necessarily handled by OBIEE product support group. Based the issue, the appropriate support team (e.g. - OKTA IdP, HTTP Server, Loadbalancer, webLogic or OBI team may need to be engaged.

This is a Service Provider (SP) Initiated SSO which means the user directly access the Analytics SP URL that gets re-directed to OKTA for Authentication.


Before following the steps in this document, ensure:

  • The OBIEE environment is in working condition.
  • Verify the users login to Analytics from Default LDAP and|or external LDAP users (if any).
  • Take a complete domain backup before attempting to implement SAML.



To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
 1. Prerequisites
 1.1 OKTA Prerequisites
 1.2 OBIEE 12c Prerequisites
 2. Configuring BI Domain as a Partner (SP) with OKTA (IdP)
 3. Configuring BI Domain for SAML Authentication
 3.1 Adding OKTA as an Identity Provider Partner
 3.2 Configuring managed server ( bi_server1 ) as Service Provider
 4. Enable Analytics Application for SSO
 4.1 Update analytics.ear to include required security role
 4.2 Redeploy analytics application
 5. Enable SSO in EM
 6. Setup Authorization
 7. Restart all the Services
 8. Verify the SAML SSO Login
 9. Basic Troubleshooting
 9.1 HTTP 404 on /saml2/sp/acs/post

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.