<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D54z0000AJD60uCQDOkta Classic EngineSingle Sign-OnAnswered2025-01-31T16:58:21.000Z2025-01-20T15:58:05.000Z2025-01-31T16:58:21.000Z

JeroenB.09291 (Customer) asked a question.

January 20, 2025 at 3:58 PM
Using okta for SSO in Kandji

Hi,

I'm trying to set-up Okta within Kandji. So I can our new okta instance/tenant for login in to Kandji. Kandji offers this through a manual SAML setup, which in turn needs a certificate from Okta. Only I am unable to find either the manual set-up of SAML authentication in applications (as all help articles i can find suggest e.g. https://support.kandji.io/support/solutions/articles/72000560549 / ) or get the PEM or CER from the kandji app (found in catalog). Okta help points to setting up the certificate within the app under the sign-on tab, but there's no certificate there (?). Has anyone set this up successfully and is able to give me some pointers?

 

Would be much appreciated.

 

Best,

 

Jeroen

  • 5 answers
  • 202 views

  • JeroenB.09291 (Customer)

    Thanks for comming back on this. Yes, that is the one I use. I've just heard back from support and I think this must be solved by activating something in the backend / instance: Hence it is not showing it under the template. Doesn't state this in any documentation, so I think this will be fixed by having it turned on by our account executive.

    Selected as Best

  • MatthewH.10249 (State of Iowa)

    We don't use Kandji but I went ahead and created a new Kandji app instance from the OIN template on one of my test tenants. Like most SAML apps, there is a cert section named "SAML Signing Certificates" found near the bottom of the "Sign On" tab/page. You should see a "SHA-2" cert generated already for you and you just need to press the "Download Certificate" from the "Actions" dropdown that is found on the right side of that section.

    Expand Post

  • JeroenB.09291 (Customer)

    Hi Matthew,

     

    Thanks for your response and for taking the time looking into to this. Although this (SAML settings under the sign on tab) is what I expect to see; I don't get any SAML 2.0 options under the sign on. It looks like (and i'm just presuming) as if there's no SAML options in our Okta tenant/instance entirely, as it is also missing in setting up a custom app wizard. Mind-boggling this one, so I created a case with Okta support in the meanwhile. The support engineer also pointed to me that these options should be under sign on tab within the app. Still waiting on a reply as to why it's missing.

    I'll add a screenshot of what I see in the instance.

     

    Anyway thanks for reaching out!

     

    Best,

     

    Jeroen

     

    Sign On tab in instance.

    Expand Post

    • MatthewH.10249 (State of Iowa)

      Which OIN catalog template did you use? I used the one on the left.

       

      image

  • JeroenB.09291 (Customer)

    Thanks for comming back on this. Yes, that is the one I use. I've just heard back from support and I think this must be solved by activating something in the backend / instance: Hence it is not showing it under the template. Doesn't state this in any documentation, so I think this will be fixed by having it turned on by our account executive.

    Selected as Best
This question is closed.
Loading
Using okta for SSO in Kandji