Configure SAML with Okta
Set up
You can configure VirusTotal to use SAML with Okta. These are the recommended steps for this set-up:
1. Okta Admin Panel
In the Okta Admin Panel, go to the Applications tab:
2. Applications tab
In the Applications tab, click on “Create App Integration”
3. Select “SAML 2.0”
4. Provide an app name and a logo
5. Fill in the fields
Fill the following fields with the following information:
Single sign on URL:
https://virustotalcloud.firebaseapp.com/__/auth/handler
Audience URI: You can use any string you want as “Audience URI” as long as it's exactly the same in VirusTotal and in Okta. Alternatively, you can also introduce the Single sign on URL mentioned above
Name ID: “EmailAddress”
Application username: “Email”
* Leave all other fields with their default values:
6. Configuration is finished. View Setup Instructions
Once your configuration is finished, this is how your configuration should look. Click on the “View Setup Instructions” button:
7. Overview
You should see something like this:
8. Copy data in VirusTotal
Copy those values in your VirusTotal’s group configuration available at https://www.virustotal.com/gui/group/GROUP_NAME/settings and click on Save SSO data:
9. Copy the VirusTotal sign-in URL
Copy the URL at the “VirusTotal sign-in URL” section and use it to configure a bookmark app that will launch the sign-in process.
10. Bookmark app
Your users must use the bookmark app to login into VirusTotal. Make sure the SAML app is hidden for them.
Troubleshooting
This section aims to provide steps to solve the most common issues when setting up a SAML configuration.
-
Unable to Process request due to missing initial state. This may happen if browser sessionStorage is inaccessible or accidentally cleared: Check the reply URL is configured correctly on your IdP configuration.
-
Pop up blocked: The signin dialog opens in a popup, so you need to explicitly allow virustotal.com to open popups.
-
Response mismatch: the field "identity provider issuer" must be an URL to your SAML provider.
-
Error: app_not_configured_for_user: Specifically when configuring SAML using Google Workspace. This error occurs when attempting to log into signin.blackbaud.com using a BBID enabled Google account while another Google account is already signed in in the browser
-
User is not assigned to this application.: Contact your group administrators so they can add you to the user list on Okta.
If you still need assistance, contact our support team attaching the SAML XML configuration.
Updated 10 months ago