Skip to content

Commit 03c481b

Browse files
Merge pull request #250877 from omondiatieno/fed-okta
okta fed -UI updates
2 parents cc43b98 + 138d6e5 commit 03c481b

File tree

2 files changed

+18
-20
lines changed

2 files changed

+18
-20
lines changed

articles/active-directory/manage-apps/f5-integration.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,7 @@ When Azure AD pre-authenticates access to BIG-IP published services, there are m
3636
Other benefits include:
3737

3838
- One control plane to govern identity and access
39-
- The [Azure portal](https://azure.microsoft.com/features/azure-portal/)
39+
- The [Microsoft Entra admin center](https://entra.microsoft.com)
4040
- Preemptive [Conditional Access](../conditional-access/overview.md)
4141
- [Azure AD Multi-Factor Authentication (MFA)](../authentication/concept-mfa-howitworks.md)
4242
- Adaptive protection through user and session risk profiling

articles/active-directory/manage-apps/migrate-okta-federation.md

Lines changed: 17 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,7 @@ You can migrate federation to Azure Active Directory (Azure AD) in a staged mann
2323

2424
- An Office 365 tenant federated to Okta for SSO
2525
- An Azure AD Connect server or Azure AD Connect cloud provisioning agents configured for user provisioning to Azure AD
26+
- One of the following roles: Global Administrator, Application Administrator, Cloud Application Administrator, or Hybrid Identity Administrator.
2627

2728
## Configure Azure AD Connect for authentication
2829

@@ -59,7 +60,7 @@ For this tutorial, you configure password hash synchronization and seamless SSO.
5960

6061
![Screenshot of the Azure AD Connect app with the page for changing user sign-in.](media/migrate-okta-federation/change-user-signin.png)
6162

62-
5. Enter Global Administrator credentials.
63+
5. Enter the credentials of the Global Administrator of the Azure AD Connect server.
6364

6465
![Screenshot of the Azure A D Connect app that shows where to enter Global Administrator credentials.](media/migrate-okta-federation/global-admin-credentials.png)
6566

@@ -89,11 +90,8 @@ Learn more: [Migrate to cloud authentication using Staged Rollout](../hybrid/con
8990

9091
After you enable password hash sync and seamless SSO on the Azure AD Connect server, configure a staged rollout:
9192

92-
1. Sign in to the [Azure portal](https://portal.azure.com), then select **View** or **Manage Azure Active Directory**.
93-
94-
![Screenshot of the Azure portal with welcome message.](media/migrate-okta-federation/portal.png)
95-
96-
2. On the **Azure Active Directory** menu, select **Azure AD Connect**.
93+
1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Hybrid Identity Administrator](../roles/permissions-reference.md#hybrid-identity-administrator).
94+
2. Browse to **Identity** > **Hybrid management** > **Azure AD Connect** > **Connect Sync**.
9795
3. Confirm **Password Hash Sync** is enabled in the tenant.
9896
4. Select **Enable staged rollout for managed user sign-in**.
9997

@@ -104,11 +102,11 @@ After you enable password hash sync and seamless SSO on the Azure AD Connect ser
104102
7. **Seamless single sign-on** is **Off**. If you enable it, an error appears because it's enabled in the tenant.
105103
8. Select **Manage groups**.
106104

107-
![Screenshot of the Enable staged rollout features page in the Azure portal. A Manage groups button appears.](media/migrate-okta-federation/password-hash-sync.png)
105+
![Screenshot of the Enable staged rollout features page in the Microsoft Entra admin center. A Manage groups button appears.](media/migrate-okta-federation/password-hash-sync.png)
108106

109107
9. Add a group to the password hash sync rollout. In the following example, the security group starts with 10 members.
110108

111-
![Screenshot of the Manage groups for Password Hash Sync page in the Azure portal. A group is in a table.](media/migrate-okta-federation/example-security-group.png)
109+
![Screenshot of the Manage groups for Password Hash Sync page in the Microsoft Entra admin center. A group is in a table.](media/migrate-okta-federation/example-security-group.png)
112110

113111
10. Wait about 30 minutes for the feature to take effect in your tenant.
114112
11. When the feature takes effect, users aren't redirected to Okta when attempting to access Office 365 services.
@@ -125,14 +123,14 @@ Users that converted to managed authentication might need access to applications
125123

126124
Configure the enterprise application registration for Okta.
127125

128-
1. Sign in to the [Azure portal](https://portal.azure.com), then under **Manage Azure Active Directory**, select **View**.
129-
2. On the left menu, under **Manage**, select **Enterprise applications**.
126+
1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Cloud Application Administrator](../roles/permissions-reference.md#cloud-application-administrator).
127+
2. Browse to **Identity** > **Applications** > **Enterprise applications** > **All applications**.
130128

131-
![Screenshot of the left menu of the Azure portal.](media/migrate-okta-federation/enterprise-application.png)
129+
![Screenshot of the left menu of the Microsoft Entra admin center.](media/migrate-okta-federation/enterprise-application.png)
132130

133-
3. On the **All applications** menu, select **New application**.
131+
3. Select **New application**.
134132

135-
![Screenshot that shows the All applications page in the Azure portal. A new application is visible.](media/migrate-okta-federation/new-application.png)
133+
![Screenshot that shows the All applications page in the Microsoft Entra admin center. A new application is visible.](media/migrate-okta-federation/new-application.png)
136134

137135
4. Select **Create your own application**.
138136
5. On the menu, name the Okta app.
@@ -146,14 +144,14 @@ Configure the enterprise application registration for Okta.
146144
10. On the Azure AD menu, select **App registrations**.
147145
11. Open the created registration.
148146

149-
![Screenshot of the App registrations page in the Azure portal. The new app registration appears.](media/migrate-okta-federation/app-registration.png)
147+
![Screenshot of the App registrations page in the Microsoft Entra admin center. The new app registration appears.](media/migrate-okta-federation/app-registration.png)
150148

151149
12. Record the Tenant ID and Application ID.
152150

153151
>[!Note]
154152
>You need the Tenant ID and Application ID to configure the identity provider in Okta.
155153
156-
![Screenshot of the Okta Application Access page in the Azure portal. The Tenant ID and Application ID appear.](media/migrate-okta-federation/record-ids.png)
154+
![Screenshot of the Okta Application Access page in the Microsoft Entra admin center. The Tenant ID and Application ID appear.](media/migrate-okta-federation/record-ids.png)
157155

158156
13. On the left menu, select **Certificates & secrets**.
159157
14. Select **New client secret**.
@@ -181,7 +179,7 @@ Configure the enterprise application registration for Okta.
181179
27. On the left menu, select **Branding**.
182180
28. For **Home page URL**, add your user application home page.
183181

184-
![Screenshot of the Branding page in the Azure portal.](media/migrate-okta-federation/add-branding.png)
182+
![Screenshot of the Branding page in the Microsoft Entra admin center.](media/migrate-okta-federation/add-branding.png)
185183

186184
29. In the Okta administration portal, to add a new identity provider, select **Security** then **Identity Providers**.
187185
30. Select **Add Microsoft**.
@@ -218,7 +216,7 @@ You created the identity provider (IDP). Send users to the correct IDP.
218216
8. Add the redirect URI you recorded in the IDP in Okta.
219217
9. Select **Access tokens** and **ID tokens**.
220218

221-
![Screenshot of the Configure Web page in the Azure portal. A redirect URI appears. The access and I D tokens are selected.](media/migrate-okta-federation/access-id-tokens.png)
219+
![Screenshot of the Configure Web page in the Microsoft Entra admin center. A redirect URI appears. The access and I D tokens are selected.](media/migrate-okta-federation/access-id-tokens.png)
222220

223221
10. In the admin console, select **Directory**.
224222
11. Select **People**.
@@ -234,15 +232,15 @@ You created the identity provider (IDP). Send users to the correct IDP.
234232

235233
After you configure the Okta app in Azure AD and configure the IDP in the Okta portal, assign the application to users.
236234

237-
1. In the Azure portal, select **Azure Active Directory** then **Enterprise applications**.
235+
1. In the Microsoft Entra admin center, browse to **Identity** > **Applications** > **Enterprise applications**.
238236
2. Select the app registration you created.
239237
3. Go to **Users and groups**.
240238
4. Add the group that correlates with the managed authentication pilot.
241239

242240
>[!NOTE]
243241
>You can add users and groups from the **Enterprise applications** page. You can't add users from the **App registrations** menu.
244242
245-
![Screenshot of the Users and groups page of the Azure portal. A group called Managed Authentication Staging Group appears.](media/migrate-okta-federation/add-group.png)
243+
![Screenshot of the Users and groups page of the Microsoft Entra admin center. A group called Managed Authentication Staging Group appears.](media/migrate-okta-federation/add-group.png)
246244

247245
5. Wait about 15 minutes.
248246
6. Sign in as a managed authentication pilot user.

0 commit comments

Comments
 (0)