This page applies to MicroStrategy 2021 Update 6 and newer versions.

Enabling SAML Single Logout for Okta

Starting in MicroStrategy 2021 Update 6, you can enable SAML single logout for Okta for the following products:

Generate SAML config files with global logout mode enabled.
1. Open the SAML config page: https://FQDN:port/MicroStrategy/saml/config/open.
2. Choose a Logout mode of Global.
3. Enter any other necessary information and click Generate config.
Enable the application to initiate single logout using the Okta console.
1. Open the Okta console.
2. In SAML Settings, click Show Advanced Settings.
  - Select Allow application to initiate Single Logout.
  - Enter the Single Logout URL: https://FQDN:port/MicroStrategy/saml/SingleLogout
  - In SP Issuer, enter the entity ID if desired.
  - Upload the signature certification.
    - Create a file named signature.crt. Make sure this file starts with -----BEGIN CERTIFICATE----- and end with -----END CERTIFICATE-----.
    - Copy the ds:X509Certificate value from SPMetadata.xml as shown below.
      Copy
      -----BEGIN CERTIFICATE----- MIIDoDCCAgigAwIBAgIEFJ1sZDANBgkqhkiG9w0BAQwFADASMRAwDgYDVQQDDAdzaWduS2V5MB4Xn707jRnJRiDr8qNverYFLJwjNZo= -----END CERTIFICATE-----
    - In Signature Certificate, upload signature.crt.
Download IDPMetadata.xml.
1. In the Okta console, choose SAML Application - Sign on.
2. Click View SAML setup instructions.
3. Copy the content in Optional - Provide the following... into IDPMetadata.xml under the SAML folder.
Restart the Web server.