Troubleshoot Okta IDP Configuration

Ensure the Okta IDP information includes the following information:

SSO URL = The URL provided by Tenable (for example, https://fedcloud.tenable.com/saml/login/xxxxxxxxxxxxxxxxxxxxx)
Recipient URL = The recipient URL provided by Tenable (as listed above)
Destination URL = The destination URL provided by Tenable (as listed above)
Audience Restriction (SP Entity ID) = set to NessusCloud
Check if the NameID parameter is set to Unspecified. Sometimes this works initially because their default was “user.email”, but in some cases may need to be reconfigured:
- Choose the NameID format and the application username sent to your application in the SAML response (for example EmailAddress and Email)
- In the Attribute Statements (optional) section, type the SAML attributes to be shared with your application. For example:
  - Name (in SAML application) Value (in Okta profile)
  - FirstName user.firstName
  - LastName user.lastName
  - Email user.email (edited)

For more information on Okta IDP configuration, see the following resources:

Copyright © 2023 Tenable, Inc. All rights reserved. Tenable, Tenable Nessus, Tenable Lumin, Assure, and the Tenable logo are registered trademarks of Tenable, Inc. or its affiliates. All other products or services are trademarks of their respective owners.