Okta Authentication

Overview

By default, Expedient configures clients with 2-factor authentication (2FA) to Expedient Enterprise Workspace (EEW) with OneLogin as an identity provider.  If it is preferred, a client has the ability to substitute OneLogin for a different SAML identity provider and 2FA solution that their users may already be utilizing for access to other applications.  Examples of alternative identity provider and 2FA solutions include the Azure AD, Duo, and Okta.  If a client chooses to use a non-Expedient managed identity provider it is the responsibility of the client to manage that solution.  While Expedient may not manage these alternative solutions, Expedient is providing this documentation to assist clients with getting started with integrating their 2FA solution with Expedient Enterprise Workspace.  This document outlines the process for securing Expedient Enterprise Workspace with Okta.

Prerequisites

The steps described in this document assume that the client has already configured Okta Single Sign-On and MFA with Active Directory as its Authentication source.  

Process

Please refer to the following VMware article and its sub-pages on how to configure Okta as an identity provider for Workspace One Access 

Configure Okta as an Identity Provider for Workspace ONE

Please also review the Expedient article for how to integrate Azure AD with Workspace One Access.  The process for Azure AD and Okta should be very similar and our article for Azure AD provides more detailed information on Workspace One Access as it pertains to the Expedient Enterprise Workspace platform.