Netskope Help

Netskope SSO with Okta

Netskope integrates with multiple third-party applications to provide a wide range of solutions. You can configure single sign-on (SSO) on the Netskope Admin Console to connect to these applications with or without authentication. Using the SSO Enabled feature in the Netskope Admin Console, you can set up forced authentication when connecting to third-party applications through Okta.

Locate the SSO Settings in Netskope Admin Console
  1. To access SSO/SLO Settings, go to Settings > Administration > SSO.

    image1.jpeg
  2. To view and edit IdP settings, click Edit Settings.

    image2.jpeg
  3. Here are the IdP URL, IdP Entity ID, IdP Certificate. Copy the IdP Entity ID to use when generating new IdP information in Okta.

Generate New IDP Information in Okta
  1. In the Okta Dashboard, go to Applications > Browse App Catalog.

  2. Search for Netskope and select Netskope Admin Console.

    image3.jpeg
  3. Click Add.

    image4.jpeg
  4. Enter your subdomain in the subdomain field and click Next.

  5. Scroll down to the Service Provider Entity ID field and enter the Service Provider EntityID from the Netskope Admin Console, and then click Done.

  6. Go to the Sign On Tab.

    image5.jpeg
  7. Scroll down to SAML Signing Certificates and click View SAML setup instructions.

    image6.jpeg
  8. Copy the new IdP information from Okta and enter them into the Netskope IdP fields.

    image2.jpeg
  9. Go to the Assignments tab and click Assign > Add People/Group, and then add users/groups who need access to the Netskope Admin Console.

    image7.jpeg
  10. Deactivate the old instance of Netskope Admin Console from Okta Applications Dashboard.

Generate New Netskope Tenant User Keys Through Okta
  1. In the Okta Dashboard, go to Applications > Browse App Catalog.

  2. Search for Netskope and select Netskope User Enrollment.

    image8.jpeg
  3. Click Add.

    image9.jpeg
  4. Enter your subdomain in the subdomain field and click Next.

  5. Go to the Provisioning tab and click API Integration.

    image10.jpeg
  6. Check Enable API Integration.

    image11.jpeg
  7. To find the Base URL and API Token in the Netskope Admin Console, go to Settings > Tools > Directory Tools > SCIM Integration.

    image12.jpeg
  8. Copy the SCIM Server URL and put it in the Base URL field in Okta.

  9. Generate New OAuth Token and put it in the API Token field in Okta.

  10. When finished, click Save.

  11. Delete the old OAuth Token in the Netskope Admin Console.

  12. User Keys have successfully been switched.