Troubleshoot Okta IDP Configuration

Ensure the Okta IDP information includes the following information:

• SSO URL = The URL provided by Tenable (for example, https://fedcloud.tenable.com/saml/login/xxxxxxxxxxxxxxxxxxxxx)

• Recipient URL = The recipient URL provided by Tenable (as listed above)

• Destination URL = The destination URL provided by Tenable (as listed above)

• Audience Restriction (SP Entity ID) = set to NessusCloud

• Check if the NameID parameter is set to Unspecified. Sometimes this works initially because their default was “user.email”, but in some cases may need to be reconfigured:

  • Choose the NameID format and the application username sent to your application in the SAML response (for example EmailAddress and Email)

  • In the Attribute Statements (optional) section, type the SAML attributes to be shared with your application. For example:

    • Name (in SAML application) Value (in Okta profile)

    • FirstName user.firstName

    • LastName user.lastName

    • Email user.email (edited)

For more information on Okta IDP configuration, see the following resources:

• Okta Developer Portal

• Create SAML App Integrations

• Build a Single Sign-On Integration

• Create a SAML Integration in Okta