Add SharePoint (On-Premises) in Okta

April 6, 2023

Before you begin

  • Install a supported version of Microsoft SharePoint:

    • SharePoint Foundation 2013
    • SharePoint Server 2013
    • SharePoint Server 2016
    • SharePoint Server 2019
  • Run the prerequisites from the SharePoint installer.
  • Fulfill hardware requirements.
  • Fulfill version-specific requirements:

    Version | Requirements
    SharePoint People Picker (versions before 2.3.0.0) | Install .NET Framework 3.5+
    SharePoint People Picker version 2.3.0.0 | Ensure TLS 1.2 is supported by your server.
    SharePoint 2013, 2016, or 2019 | Install .NET Framework 4.5+, which supports TLS 1.2, OR install .NET Framework 3.5+ and one of the patches provided here.

  • A valid API token for the Okta People Picker plugin to read users and groups from Okta. See API token management.

    The API token is only visible upon creation and cannot be retrieved later. If the token is lost, it must be revoked, regenerated, and reconfigured in the People Picker configuration.

Start this procedure

  1. Add the SharePoint (On-Premises) app.

    Go to Applications > Applications > Add Application and search for the app.

  2. From the General tab, go to App Settings and fill in the appropriate fields. These fields are used to connect and send information as part of the SAML assertion to SharePoint:

    • SharePoint Web Application URL: This points to the web application that is running on SharePoint. For example, https://app1. There can be multiple apps running on SharePoint, each of which needs a SharePoint app within Okta.
    • Application attributes: Admins can send information about Okta user profile attributes to SharePoint for auditing or logging purposes. Sending any custom Okta attributes is also supported. This information is not used for authentication or authorizing apps in SharePoint. Okta typically sends UPN and email data as part of the assertion.

      Acceptable formats for application attributes are:

      • Okta User Profile Attribute: For example, firstName|${user.firstName}|http://okta.com/claims
      • Imported Attribute: For example, lastName|<appId>:${user.lastName}|http://okta.com/claims

        You can obtain your app ID from your app’s URL, as shown below:

    • Group filter: This field is sent as part of a SAML assertion. This is used for checking permissions in SharePoint.
  3. Go to SharePoint (On-Premise) app > Sign On > View Setup Instructions to install and configure SharePoint People Picker 2.3.0.0.
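
An added example (not from the Okta documentation) that lints Application attributes entries against the two formats shown in step 2 before they are entered in App Settings. The rules are inferred from those two examples only, and the app ID 0oa1example2 is a made-up value.

```python
import re
from urllib.parse import urlparse

# Value forms taken from the two examples in step 2:
#   ${user.firstName}            Okta user profile attribute
#   <appId>:${user.lastName}     imported attribute, prefixed with an app ID
EXPR = re.compile(r"^(?:(?P<app>[^:${}|]+):)?\$\{(?P<expr>[^{}|]+)\}$")

def lint_attribute(line):
    """Return a list of problems for one 'name|value|namespace' entry."""
    parts = [p.strip() for p in line.split("|")]
    if len(parts) != 3:
        return [f"expected 3 pipe-separated fields, got {len(parts)}"]
    name, value, namespace = parts
    problems = []
    if not name:
        problems.append("claim name is empty")
    m = EXPR.match(value)
    if not m:
        problems.append(f"value {value!r} is not ${{...}} or appId:${{...}}")
    elif m.group("app").startswith("<") if m.group("app") else False:
        problems.append("placeholder <appId> was not replaced with a real app ID")
    # Assumption: the namespace must be an absolute URI, as in both examples.
    if not urlparse(namespace).scheme:
        problems.append(f"namespace {namespace!r} is not an absolute URI")
    return problems

def lint_attributes(text):
    """Lint a multi-line field; return {line_number: [problems]} for bad lines."""
    report = {}
    for n, line in enumerate(text.splitlines(), start=1):
        if line.strip():
            found = lint_attribute(line)
            if found:
                report[n] = found
    return report

# Constructed sample input; 0oa1example2 is a made-up app ID.
SAMPLE = """\
firstName|${user.firstName}|http://okta.com/claims
lastName|<appId>:${user.lastName}|http://okta.com/claims
lastName|0oa1example2:${user.lastName}|http://okta.com/claims
email|user.email|http://okta.com/claims
dept|${user.department}
"""

if __name__ == "__main__":
    for n, problems in lint_attributes(SAMPLE).items():
        print(f"line {n}: " + "; ".join(problems))
```
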

Okta Group Push is not currently supported with the SharePoint On-Premises application.

We recommend you use only AD groups or only Okta groups in order to configure authorization to your SharePoint server. Configuring Push Groups to your Active Directory and attempting to use these groups for SharePoint authorization will result in problems accessing the application.

Next steps

Configure Okta as Claims Provider in SharePoint (On-Premises)
