Creating the Talend Cloud application in Okta - Cloud

Talend Cloud Single Sign-On (SSO) Configuration Guide
Version
Cloud
Language
English
Product
Talend Cloud
Module
Talend Management Console
Content
Administration and Monitoring > Managing users
Last publication date
2024-03-05

Procedure

  1. Log in to your administrator Okta account.
  2. Click Applications > Add Applications.
  3. Click Create New App.
  4. In the Create a New Application Integration window, select the Web and SAML 2.0 options, then click Create.
  5. On the General Settings page, enter a name for your application, then click Next.

    Example

    In this example, the app name is Talend Cloud.
  6. Fill in the SAML Settings:

    Field

    Value

    Single sign on URL

    https://iam.<env>.cloud.talend.com/oidc/ssologin, where <env> is the name of your Cloud region, for example:

    For further information about the available regions, see the Single sign-on configuration URL row of each region at Talend Cloud regions and URLs.

    Audience URI (SP Entity ID)

    		https://iam.<env>.cloud.talend.com/oidc/ssologin, where <env> is the name of your Cloud region, for example:
    When setting up SSO for multiple accounts (multiple tenants) on Talend Management Console, use their account IDs to define the unique entity ID of each account. For example, the entity ID for the AWS US region becomes https://iam.us.cloud.talend.com/oidc/ssologin/<your_account_ID>. Remember to perform the SSO setup individually for each tenant using their respective account IDs. This federates these tenants into a single SSO authentication system.
    Note: The account federation mentioned is exclusive to SSO authentication. The Talend Management Console objects, such as environments and workspaces, remain specific to each tenant and cannot be shared across tenancies.

    You can find the account ID on the Subscription page of your Talend Management Console.

    Name ID format

    Select EmailAddress from the drop-down list.

    Application username

    Select Okta username from the drop-down list.
  7. In the Attribute Statements area, add the following attributes:
    SAML attribute name Value
    given_name user.firstName
    family_name user.lastName
    TalendCloudDomainName Domain name of your Talend Cloud account tenant.
    • If you already logged in Talend Cloud, find the name in the Domain field of the Subscription page of your Talend Management Console.
    • Otherwise, three options are available for you to find your domain. For more details, see Find domains.
    email user.email
    middle_name user.middleName
    If you need to set up SCIM provisioning to synchronize users, groups, and roles between your SSO provider and Talend Cloud, you must add the CustomerRoles attribute and in its value, separate roles with commas, for example, Developer,Administrator.
  8. Click Next.
  9. On the Feedback page, select the I'm an Okta customer adding an internal app option.
  10. In the optional questions section, select the This is an internal app that we have created option.
  11. Click Finish.
  12. Click View Setup Instructions.
    A new tab opens in your browser, containing additional instructions.
  13. Copy the XML content under Optional and save it into an XML file.

Results

The Talend Cloud app is created in Okta.

You will need the metadata file as well as the organization URL to complete the setup in Talend Cloud.