Configure SAML with Okta

Set up

You can configure Google Threat Intelligence to use SAML with Okta. These are the recommended steps for this set-up:

1. Okta Admin Panel

In the Okta Admin Panel, go to the Applications tab:

Okta Administration Panel

2. Applications tab

In the Applications tab, click on “Create App Integration”

Okta Create APP

3. Select “SAML 2.0”

Okta Create APP choose SAML

4. Provide an app name and a logo

Okta General Settings

5. Fill in the fields

Fill the following fields with the following information:
Single sign on URL:
https://virustotalcloud.firebaseapp.com/__/auth/handler
Audience URI: You can use any string you want as “Audience URI” as long as it's exactly the same in Google Threat Intelligence and in Okta. Alternatively, you can also introduce the Single sign on URL mentioned above
Name ID: “EmailAddress”
Application username: “Email”
* Leave all other fields with their default values:

Okta SSO URL

6. Configuration is finished. View Setup Instructions

Once your configuration is finished, this is how your configuration should look. Click on the “View Setup Instructions” button:

Okta Setup Instructions

7. Overview

You should see something like this:

Okta

8. Copy data in Google Threat Intelligence

Copy those values in your Google Threat Intelligence’s group configuration available at https://www.virustotal.com/gui/group/GROUP_NAME/settings and click on Save SSO data:

Okta Google Threat Intelligence group settings

9. Copy the Google Threat Intelligence sign-in URL

Copy the URL at the “Google Threat Intelligence sign-in URL” section and use it to configure a bookmark app that will launch the sign-in process.

Okta Copy URL Okta Add Bookmark

10. Bookmark app

Your users must use the bookmark app to login into Google Threat Intelligence. Make sure the SAML app is hidden for them.

Okta Hide Icon

Troubleshooting

This section aims to provide steps to solve the most common issues when setting up a SAML configuration.

  • Unable to Process request due to missing initial state. This may happen if browser sessionStorage is inaccessible or accidentally cleared: Check the reply URL is configured correctly on your IdP configuration.

  • Pop up blocked: The signin dialog opens in a popup, so you need to explicitly allow virustotal.com to open popups.

  • Response mismatch: the field "identity provider issuer" must be an URL to your SAML provider.

  • Error: app_not_configured_for_user: Specifically when configuring SAML using Google Workspace. This error occurs when attempting to log into signin.blackbaud.com using a BBID enabled Google account while another Google account is already signed in in the browser

  • User is not assigned to this application.: Contact your group administrators so they can add you to the user list on Okta.

If you still need assistance, contact our support team attaching the SAML XML configuration.