Demo: SAML Integrations to On-Prem Apps via Reverse Proxies

Speaker 1: So to integrate your own premises applications, the ones that are header-based or have some other legacy mechanism into the access management solution of Okta, we take a different approach. We partner with best of breed solutions like Citrix, Netscaler and F5 to perform the reverse proxy. Now the reason we do this is because we believe it gives you the best user experience and the most cost effectiveness. Most of our customers already have one of these solutions in place. We also want a solution that's going to scale flexibly and that will allows customers to leverage their existing investments and skillsets. So that's why we partner with F5 and Netscaler to perform hetero based integration with on premises application.

Speaker 1: So what does that experience look like? Well, it's very seamless. So I click on the F5 bookmark and you can see I'm logged right in to this on premises application, which is actually behind the firewall. And I get header-based integration. You can see these are the headers right here that are pulled from my http editors. And for the full list of the headers, you can go to this sample application that we've built that exposes those.

Speaker 1: For Citrix, they have a similar integration. So let's say I want to launch a Windows application like Notepad, I just click on the Notepad I found in my Okta dashboard and that launches and I get that native Windows experience. Let's see, that's going to launch or pop up any second. There you go. There's your Notepad application. You can also get a full desktop experience in the same way. So our theory here is that most of our customers have a solution like this already. They're using either Citrix or F5 to expose on premises resources and they're really happy with it. We don't want to, you have to rip that out. We want to just integrate that natively with Okta.

Speaker 1: So how do you set that up on the admin side? Well, thankfully it's very easy. So it requires two things. One, a SAML integration, F5 and Citrix both support SAML. So our SAML app was there on our Okta side. Set up all your settings and you get SAML integration that way. The other thing you have to do is add a bookmark app. This bookmark app ties directly to the application that's on premises, so it's just a URL that goes to the application on prem. This is what the users actually see. They click on this and they log in, they get access, so that's all it takes to set this up.