Creating the Talend Cloud application in Okta - Cloud

Talend Cloud Single Sign-On (SSO) Configuration Guide
Version
Cloud
Language
English
Product
Talend Cloud
Module
Talend Management Console
Content
Administration and Monitoring > Managing users

Procedure

  1. Log in to your administrator Okta account.
  2. Click Applications > Add Applications.
  3. Click Create New App.
  4. In the Create a New Application Integration window, select the Web and SAML 2.0 options, then click Create.
  5. On the General Settings page, enter a name for your application, then click Next.

    Example

  6. Fill in the SAML Settings:

    Field

    Value

    Single sign on URL

    https://iam.<env>.cloud.talend.com/oidc/ssologin, where <env> is the name of your Cloud region, for example:

    For further information about the available regions, see the Single sign-on configuration URL row of each region at Talend Cloud regions and URLs.

    Audience URI (SP Entity ID)

    		https://iam.<env>.cloud.talend.com/oidc/ssologin, where <env> is the name of your Cloud region, for example:

    When you need to set up SSO for multiple accounts (multiple tenants) on Talend Cloud Management Console, use their account IDs to define the unique entity ID of each account. For example, the entity ID for the AWS US region above becomes https://iam.us.cloud.talend.com/oidc/ssologin/<your_account_ID>.

    You can find the account ID on the Subscription page of your Talend Management Console.

    Name ID format

    Select EmailAddress from the drop-down list.

    Application username

    Select Okta username from the drop-down list.
  7. In the Attribute Statements area, add the following attributes:
    SAML attribute name Value
    given_name user.firstName
    family_name user.lastName
    TalendCloudDomainName Your Talend Cloud account name.
    • If you already logged in Talend Cloud, find the account name in the Domain field of the Subscription page of your Talend Management Console.
    • Otherwise, three options are available for you to find your domain. For more details, see Find domains.
    email user.email
    middle_name user.middleName

    If you need to set up SCIM provisioning to synchronize users, groups, and roles between your SSO provider and Talend Cloud, you must add the CustomerRoles parameter and in its value, separate roles with commas, for example, Developer,Administrator. For a step-by-step demonstration about how to set up SCIM provisioning, see this example.

  8. Click Next.
  9. On the Feedback page, select the I'm an Okta customer adding an internal app option.
  10. In the optional questions section, select the This is an internal app that we have created option.
  11. Click Finish.
  12. Click View Setup Instructions.
    A new tab opens in your browser, containing additional instructions.
  13. Copy the XML content under Optional and save it into an XML file.

Results

You will need the metadata file as well as the organization URL to complete the setup in Talend Cloud.