How To Configure SAML SSO on OBIEE 12c With OKTA Identity Provider (IdP)
(Doc ID 2348673.1)
Last updated on JANUARY 09, 2023
Business Intelligence Suite Enterprise Edition - Version 220.127.116.11.0 to 18.104.22.168.0 [Release 12c to 12g] Information in this document applies to any platform.
The main purpose of the document is to provide the configuration steps to implement Security Assertion Markup Language (SAML) 2.0 Web Single Sign On (SSO) for OBIEE 12c using OKTA as Identity Provider (IdP). If you encounter issues while implementing these steps, then they are not necessarily handled by OBIEE product support group. Based the issue, the appropriate support team (e.g. - OKTA IdP, HTTP Server, Loadbalancer, webLogic or OBI team may need to be engaged.
This is a Service Provider (SP) Initiated SSO which means the user directly access the Analytics SP URL that gets re-directed to OKTA for Authentication.
This document is informational and intended for Administrators and Advanced Users.This document covers very basic and typical SAML 2.0 implementation steps for OBIEE 12c.
This document does not cover all the implementation scenarios.
This document is intended as a "cookbooK" enhancement to the documentation to fill in any gaps, missing or ambiguous information and to tie multiple documentation together in one location. It is not meant to replace the official documentation.
The server names , locations and passwords used in this document are for example, should not be copy and paste.
This document does not cover OBIEE Installation and SSL Configuration for OBIEE.
This document assumes having administration login to OKTA.
Before following the steps in this document, ensure:
The OBIEE environment is in working condition.
Verify the users login to Analytics from Default LDAP and|or external LDAP users (if any).
Take a complete domain backup before attempting to implement SAML.
For Oracle Analytics Server (OAS), please use the approach documented in: SAML 2.0 and Kerberos Single Sign-On Configuration for Oracle Analytics Server (Doc ID 2761678.1)
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!