https://community.cisco.com/t5/network-access-control/logging-into-ise-via-okta/m-p/5142955#M590530 <P>Hi all. Is it possible to log into ISE admin via Okta? Using ISE 3.2. The idea would be to have a tile in Okta that would be used to log into ISE to admin the deployment. I see guides for using Okta for guest portal, is the config the same and just point admin access to Okta instead of something like AD?</P> <P>I also see in Katherine and Aarons 300-715 book that a SAML ID store is not available for admin login as of 2.6, is that still the case?</P> <P>Thanks</P> Wed, 10 Jul 2024 16:01:18 GMT steve.berglund 2024-07-10T16:01:18Z https://community.cisco.com/t5/network-access-control/logging-into-ise-via-okta/m-p/5142955#M590530 <P>Hi all. Is it possible to log into ISE admin via Okta? Using ISE 3.2. The idea would be to have a tile in Okta that would be used to log into ISE to admin the deployment. I see guides for using Okta for guest portal, is the config the same and just point admin access to Okta instead of something like AD?</P> <P>I also see in Katherine and Aarons 300-715 book that a SAML ID store is not available for admin login as of 2.6, is that still the case?</P> <P>Thanks</P> Wed, 10 Jul 2024 16:01:18 GMT https://community.cisco.com/t5/network-access-control/logging-into-ise-via-okta/m-p/5142955#M590530 steve.berglund 2024-07-10T16:01:18Z https://community.cisco.com/t5/network-access-control/logging-into-ise-via-okta/m-p/5143148#M590541 <P>Yes, ISE 3.2 supports using SAML IdP for the Admin portal login. See the <A href="https://www.cisco.com/c/en/us/td/docs/security/ise/3-2/admin_guide/b_ise_admin_3_2/b_ISE_admin_32_asset_visibility.html#task_h2d_4rn_znb" target="_blank" rel="noopener">Admin Guide</A> for the steps to configure it.</P> <P>This flow will use external authentication but internal authorization, so you will need to add the Group defined for the assertion to the relevant ISE RBAC Admin Group as an External group.</P> Wed, 10 Jul 2024 23:05:32 GMT https://community.cisco.com/t5/network-access-control/logging-into-ise-via-okta/m-p/5143148#M590541 Greg Gibbs 2024-07-10T23:05:32Z https://community.cisco.com/t5/network-access-control/logging-into-ise-via-okta/m-p/5143151#M590542 <P>Sad part is I completely missed that. Good stuff, thanks for the response.&nbsp;</P> Wed, 10 Jul 2024 23:12:01 GMT https://community.cisco.com/t5/network-access-control/logging-into-ise-via-okta/m-p/5143151#M590542 steve.berglund 2024-07-10T23:12:01Z