Problem
Organizations using Okta for Single Sign-On (SSO) functionality with Veritas Alta Archiving could be re-directed to the Login Gateway for any Veritas Alta Archiving web pages such as Personal Archive (PA), Veritas Alta eDiscovery, or the Admin Console, as shown below:
Error Message
No particular error will appear, but the verified SSO session should allow users access without signing in through the Veritas Alta Archiving login gateway.
Cause
This is typically due to a digital signature being excluded from the Okta SAML response to the Veritas Alta Archiving authentication servers.
Solution
Ensure the following fields are set accordingly in the Okta administration console, under settings for the Veritas Alta Archiving application:
Response - Unsigned
Assertion Signature - Signed
Signature Algorithm - RSA_SHA256
Digest Algorithm - SHA256
Note: All SSO providers must provide signatures in responses to SAML requests by Veritas Alta Archiving, or those requests would fail. This particular article focuses on the proper implementation of signatures in those responses with Okta.
Related Knowledge Base Articles
Was this content helpful?
Translated Content
Please note that this document is a translation from English, and may have been machine-translated. It is possible that updates have been made to the original version after this document was translated and published. Veritas does not guarantee the accuracy regarding the completeness of the translation. You may also refer to the English Version of this knowledge base article for up-to-date information.