Configuring SAML and Okta | Chainalysis Documentation 25/04/22, 5:12 PM

Guides » Kryptos » Self service » Single sign-on » ConEguring SAML and Okta

Search guides Configuring SAML and

In this guide: Okta
Kryptos Chainalysis supports Single sign-on with SAML and any IdP of
choice (Okta, OneLogin, Auth0, etc.). This how-to provides SAML
What's new instructions speciEc to Okta.
Getting started
with Kryptos

Service proEles
Before you start
Self service Before you continue to the steps below, please ensure you meet
the following requirements:
Customer
Admin Portal Have admin access to your Okta platform.

Using the Receive the Sign in URL and Entity ID from your CSM, or if
Customer you have access to the Customer Admin Portal, complete
Admin
the steps in Enabling SSO in the Customer Admin Portal to
Portal
obtain these items.
Single sign-on

ConEguring
OIDC and
Create your SAML connection
Okta
After you log in as an admin:
ConEguring
OIDC and 1. Select the Applications menu from the navigation panel,
Google then select the Create App Integration button. The Create
ConBguring
a new app integration window appears.
SAML and
Okta

ConEguring
SAML and
OneLogin

ConEguring

https://reactor.chainalysis.com/knowledge-base/kryptos/self-service/sso/sso-saml-okta Page 1 of 4
Configuring SAML and Okta | Chainalysis Documentation 25/04/22, 5:12 PM

SAML and
PingIdentity

ConEguring
SAML and
DuoSecurity

ConEguring
SAML and
DuoSecurity 2. Select SAML 2.0 as the authentication method, then click
Next.
ConEguring
SAML and 3. In the Create SAML integration window that appears, enter
Keycloak Chainalysis as the App name, and, optionally, provide
FAQs the Chainalysis Logo, then click Next.

4. On the ConBgure SAML tab:

Enter the Sign in URL from the prerequisite in the

Single sign on URL Eeld.

Enter the Entity ID from the prerequisite in the

Audience URI (SP Entity ID) Eeld.

Select EmailAddress from the Name ID format

drop-down menu.

5. Create the following Attribute Statements:

Name Value

email user.email

1rstName user.1rstName

https://reactor.chainalysis.com/knowledge-base/kryptos/self-service/sso/sso-saml-okta Page 2 of 4
Configuring SAML and Okta | Chainalysis Documentation 25/04/22, 5:12 PM

lastName user.lastName

\. Click Save to Enalize your conEguration.

Share the Sign in URL and

Signing Certificate
After creating your SAML connection, you should share the Sign
in URL and Signing CertiBcate with Chainalysis to Enish the
connection. If you have access to the Customer Admin Portal,
follow the steps in Enabling SSO in the Customer Admin Portal. If
you don’t have access, share these items with your Chainalysis
CSM.

To retrieve these items:

1. Select the Applications navigation panel > App > Sign On

tab > View setup instructions button.

2. Copy the Sign in URL and Signing CertiBcate to share with

your CSM or complete in the Customer Admin Portal.

Assign team members to your

Chainalysis application
Once you have created your SAML connection, you must assign
your team members with your identity provider. For Okta, select
the Applications menu from the navigation panel, select the
Assign Users to App button and enter your team member's
information.

Note: Please communicate any team members you offboard

to Chainalysis so we can re_ect the appropriate changes in
our system. Otherwise, the offboarded team member will
still use a license seat in the Chainalysis user management
system.

https://reactor.chainalysis.com/knowledge-base/kryptos/self-service/sso/sso-saml-okta Page 3 of 4
Configuring SAML and Okta | Chainalysis Documentation 25/04/22, 5:12 PM

© 2022 Chainalysis Inc. All rights reserved.

https://reactor.chainalysis.com/knowledge-base/kryptos/self-service/sso/sso-saml-okta Page 4 of 4