Skip Ribbon Commands
Skip to main content
Navigate Up
Sign In

Quick Launch

Average Rating:

(5 Ratings)
facebook Twitter
Print Bookmark Alert me when this article is updated


HOW TO: Configure SAML Single Sign On(SSO) using OKTA in IICS
Follow the steps below to configure SAML SSO in Informatica Cloud using OKTA:
  1. Ensure to have a valid OKTA account and user with Admin privileges.
  2. Login to OKTA and click on "Applications" and click "Add Application".
  3. Click on "Create New App". Okta will prompt you with "What type of application integration?", select "SAML 2.0" and click "Create".
  4. This will take one to "Create SAML Integration" wizard and display "General Settings"
    1. Enter "App Name".
    2. Optionally select/enter App logo and App visibility and click "Next".
  5. Configure SAML
    Enter "Single Sign on URL" from "Location" attribute of "AssertionConsumerService" element in ICS SAML metadata XML. One can get the metadata XML by login to Informatica Cloud and under Administer > SAML SSO.
    Refer to the following screenshot for reference to find the correct URL:
    b. Enter Audience URI (SP Entity ID) from ICS's "entityID" attribute of "EntityDescriptor" element. 
    c. Select name ID format, Default username 
            d. Optionally configure attribute statements to send First Name, Last name, Email Address, Job Title, Phone Number, Role, and so on.

  6. Select App  type accordingly.
  7. Click on Finish. It will take you to the application page for the just created SAML application.
  8. Click on "Sign On" tab and click on "Identity Provided metadata" link to download Okta IDP metadata XML and save as XML file.
  9. Use the downloaded Okta IDP metadata XML file to configure SAML SSO in ICS. Upload the file in Informatica Cloud. Refer to the below screenshot from point 10 for reference (select choose file option).

  10. "Disable auto-provision of users" --> If this property is checked, IICS will check for the existence of the user and based on that will allow log in. If this is unchecked, IICS will create a user based on the SAML request.  Please make sure that the existing user in IICS is having authentication type as "IDP with SAML" else IICS will throw "The SAML user does not exist in your organization" error.


  11. If the existing user is created with different authentication types, try changing it to "IDP with SAML". If "Changing the authentication to IDP with SAML is not supported" error is thrown, then please drop the existing user and create a new user with authentication type as "IDP with SAML".   


More Information
​Added Point # 10 and 11 based on the resolution of "02665307"
For more Information on SAML Single Sign On, refer the user-guide at the following link:
Applies To
Product: Cloud Data Integration
Problem Type: Configuration
User Type: Developer
Project Phase: Implement
Product Version:
Operating System:
Other Software:
Last Modified Date:4/12/2020 11:28 PMID:320570
People who viewed this also viewed


Did this KB document help you?

What can we do to improve this information (2000 or fewer characters)