Okta integration confusion about Plugin vs Store

Fabian10 · ‎09-21-2017

Hi There

First I have to tell, that I'm a beginner with Okta. Until now, I already setup some instances using user provisioning by MID-Server from AD and authenthication with ADFS.

Now I have to setup an instance with user provisioning and SSO by using Okta.

First I found out, that there are two Apps in Okta:

ServiceNow - Eureka and later releases
Service-Now UD

As following to this thread, the Eureka and later releases-Version is deprecated. Is this correct, that I have to use the Service-Now UD app?

Then I wanted to follow the ServiceNow-Docs. There's written, that I first have to enable the "SSO Provided by Okta, Inc. plugin"-Plugin. As next step is written, that I have to follow the "SerivceNow Deployment Guide page" from OKTA. Under this link, I downloaded then the OktaIdentityCloudDeploymentGuide.pdf. This document is writing about "Configuring the Okta Application from the ServiceNow App Store". It's about the Okta-App in the ServiceNow-Store.

Now I'm absolutely confused. Do I have to use the Plugin or the App from the ServiceNow-Store? (or even both?)

As I've seen, there's also a possibility to use the "Multi-provider SSO"-Plugin. Whats the advantage of usign this Plugin? Is it possible to use user provisioning from Okta, when I use this Plugin?

Best regards,

Fabian

Fabian10 · ‎09-26-2017

Hi Everyone

I just wanna let you know about my lastest news about these questions (just in case, that someone else is bumping into this questions).

Okta writes in their support-documents:

Please note that the Okta Identity Cloud available in the ServiceNow store completely replaces the "SSO Provided by Okta" plugin inside of ServiceNow. That plugin is now deprecated, and the Okta Identity Cloud app provides all SSO and User Lifecycle functionality for ServiceNow via standard Okta integrations and the Multi-Provider SSO Plugin in ServiceNow.

So, the Plugin is deprecated and replaced with the new app in the store. This app is using the Multi-Provider SSO-Plugin.

If you use Multi-Provider SSO-Plugin you can have provisioning of users, but they are only provisioned, when they try to logon the first time.

The app "ServiceNow - Eureka and later releases" in Okta is deprecated.

Best regards,

Fabian

View solution in original post

Fabian10 · ‎10-08-2017

Hi Julian

Unfortunately I don't have access to Okta by myself. But I can tell you, that we used the "ServiceNow UD"-App in Okta. After klicking "Provision" in ServiceNow with the correct settings, something was created in Okta, which the Okta-Admin could configure then.

After that I got an Metadata-URL from the Okta-Admin with which I could configure the Identity Provider then. For this I had to click to "Import IDP Metadata" in the Identity Provider settings and enter the new URL. After that I had to replace in every setting "yourinstance" with the name of our instance. As last point I had to enter "user_name" in the Advanced Settings under "User Field" (but this is probably related to our config).

Best regards,

Fabian

jules2 · ‎10-12-2017

After speaking with Okta support they removed the old application and then i could add ServiceNow UD to replace the depreciated version.

If you wish to use the Servicenow Share store and the free Okta application, then there is an issue there is no way to test the Okta ServiceNow Share application in a personal development instance as enabling the subscription process on the Okta share application only allows you to use a paid SN subscription instances.