Okta Authentication

Ivanti Neurons currently offer the option of selecting Okta as the external authentication provider for your tenant. This is a good choice if you want to centralize the end user log on experience, reduce the occurrence of password related calls to the help desk, and have granular controls over policies and audit trails.

Configure & Enable External Authentication

Configure Auto Provisioning

Enabling auto provisioning will automatically grant access to Ivanti Neurons for all members within the Okta Application without having to go through the manual invite process. When a new member logs in for the first time, a new Ivanti Neurons Platform account will be provisioned in Ivanti Neurons > Members. All new auto provisioned members will be granted the access control roles defined in the set up.

Once enabled, the options: Edit the default access control roles, and Disable auto provisioning, become available. Any roles edits, or disabling, of auto provisioning will not affect any existing auto provisioned members, it will only apply to those who are provisioned after the changes have been made.

Once auto-provisioning has been enabled, everyone who has access to the Okta Application will have access to Ivanti Neurons. You can restrict access to certain users or groups from within the Okta Application. Refer to the Okta documentation for further details.

Update Client Secret

If you want to update the Okta client secret, you need to set a new one to continue using this authentication method.

  1. In Ivanti Neurons Platform navigate to Setup > Authentication.
  2. Click Actions and select Update client secret.
    The Update Client Secret page appears.
  3. Enter the new client secret from your Okta application.
  4. Click Continue.
    The Validate Client Secret page appears.
  5. Click Validate Client Secret, this opens your Okta sign in page.
    Enter your username and password, this will be the same as the sign-in credentials for the Ivanti Neurons Platform. When you sign-in the new client secret is validated. If successful, return to this wizard and continue to update the client secret. If it is unsuccessful, go back and check if the new client secret you entered is accurate. For other failure reasons see Validation Troubleshooting.
  6. Once you have successfully validated the new client secret, select the confirmation check box I confirm I have successfully validated my new client secret and click Continue.
  7. Click Save Changes to complete the process. This updates the client secret with immediate effect, you are not required to do anything further.