Onboarding Users onto Dune Security from Okta

This guide will walk you through the process of integrating Dune Security with Okta for seamless user onboarding and identity management. Follow these steps to ensure a smooth setup and optimal performance of Dune Security within your organization.

Overview

Integrating Dune Security with Okta enables you to leverage Okta’s robust identity and access management capabilities to manage your Dune Security users. This integration supports automated user provisioning, single sign-on (SSO), and enhanced security controls.

Pre-Session Requirements

Before beginning the onboarding process, ensure that you have:

Admin access to your Okta tenant.
Admin access to your Dune Security account.
API tokens and necessary credentials for both Okta and Dune Security.

Step-by-Step Guide to Onboarding Users

1. Set Up Single Sign-On (SSO) with Okta

In Okta Admin Console:
- Navigate to Applications > Applications.
- Click Add Application.
- Select Create New App.
- Choose Web as the platform and SAML 2.0 as the sign-on method.
- Click Create.
Configure SAML Settings:
- App name: Enter "Dune Security SSO".
- Single Sign-On URL: Enter the ACS URL from your Dune Security platform
- Audience URI (SP Entity ID): Enter the Entity ID from your Dune Security platform
Attribute Statements (optional but recommended):
- Name: email
- Name format: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
- Value: ${user.email}
Click Next, review the configuration, and click Finish.
Assign the Application to Users:
- Go to the Assignments tab in the Dune Security SSO application.
- Assign the application to users or groups as needed.
Download the Identity Provider metadata file from the SSO configuration page in Okta and upload it to the Dune Security admin console under the SSO settings.

2. Provision Users from Okta to Dune Security

Enable SCIM Provisioning in Okta:
- Navigate to the Dune Security SSO application in Okta.
- Under the App Settings, enable SCIM Provisioning
- Go to the Provisioning tab.
- Click Configure API Integration.
- Enable API Integration and enter the SCIM API base URL: https://auth.dune.security/scim/v2.
- Unique Identifier Field: email
- Select all options for supported provisioning actions
- Authentication Mode: HTTP Header

- Enter the SCIM API token obtained from Dune Security under Authorization.
- Click Test API Credentials to verify the connection.
- Save the configuration.
Configure Provisioning Settings:
- Enable Create Users.
- Enable Update User Attributes.
- Enable Deactivate Users.
Map User Attributes:
- Ensure the attributes from Okta match the required attributes in Dune Security.
Assign Users and Groups for Provisioning:
- Go to the Assignments tab in the Dune Security SSO application.
- Assign the appropriate users and groups that you want to provision to Dune Security.

Post-Setup Verification

Test SSO Login:
- Ensure users can log in to Dune Security using Okta SSO by navigating to the Dune Security login page and selecting the Okta SSO option.
Verify User Provisioning:
- Check the Dune Security admin console to ensure that users and groups from Okta are correctly provisioned.
Monitor and Troubleshoot:
- Regularly monitor the integration logs in both Okta and Dune Security for any issues or errors.
- Contact Dune Security Support for any assistance or troubleshooting needs.

Next Steps

Next, ensure email deliverability of phishing assets to your users. Choose the appropriate guide for your email provider:

Support and Assistance

For any issues during the integration process or further assistance, please reach out to Dune Security Support at support@dune.security

By following these steps, you can successfully integrate Okta with Dune Security, ensuring a streamlined onboarding process and enhanced security for your organization.