Creating the Talend Cloud application in Okta

Procedure

Log in to your administrator Okta account.
Click Applications > Add Applications.
Click Create New App.
In the Create a New Application Integration window, select the Web and SAML 2.0 options, then click Create.
On the General Settings page, enter a name for your application, then click Next.
Example

Fill in the SAML Settings:

Field	Value
Single sign on URL	https://iam.<env>.cloud.talend.com/oidc/ssologin, where <env> is the name of your Cloud region, for example: AWS US: https://iam.us.cloud.talend.com/oidc/ssologin AWS EMEA: https://iam.eu.cloud.talend.com/oidc/ssologin AWS APAC: https://iam.ap.cloud.talend.com/oidc/ssologin Azure: https://iam.us-west.cloud.talend.com/oidc/ssologin For further information about the available regions, see the Single sign-on configuration URL row of each region at Accessing Talend Cloud applications.
Audience URI (SP Entity ID)	https://iam.<env>.cloud.talend.com/oidc/ssologin, where <env> is the name of your Cloud region, for example: AWS US: https://iam.us.cloud.talend.com/oidc/ssologin AWS EMEA: https://iam.eu.cloud.talend.com/oidc/ssologin AWS APAC: https://iam.ap.cloud.talend.com/oidc/ssologin Azure: https://iam.us-west.cloud.talend.com/oidc/ssologin When setting up SSO for multiple accounts (multiple tenants) on Talend Management Console, use their account IDs to define the unique entity ID of each account. For example, the entity ID for the AWS US region becomes https://iam.us.cloud.talend.com/oidc/ssologin/<your_account_ID>. Remember to perform the SSO setup individually for each tenant using their respective account IDs. This federates these tenants into a single SSO authentication system. Information noteNote: The account federation mentioned is exclusive to SSO authentication. The Talend Management Console objects, such as environments and workspaces, remain specific to each tenant and cannot be shared across tenancies. You can find the account ID on the Subscription page of your Talend Management Console.
Name ID format	Select EmailAddress from the drop-down list.
Application username	Select Okta username from the drop-down list.

In the Attribute Statements area, add the following attributes:

SAML attribute name	Value
`given_name`	`user.firstName`
`family_name`	`user.lastName`
`TalendCloudDomainName`	Domain name of your Talend Cloud account tenant. If you already logged in Talend Cloud, find the name in the Domain field of the Subscription page of your Talend Management Console. Otherwise, three options are available for you to find your domain. For more details, see Find domains.
`email`	`user.email`
`middle_name`	`user.middleName`
`CustomerRoles`	If you need to set up SCIM provisioning to synchronize users, groups, and roles between your SSO provider and Talend Cloud, you must add the CustomerRoles attribute and in its value, separate roles with commas, for example, Developer,Administrator. For further information about how to define these roles for Talend Cloud in Okta, see Role assignment in the Okta developer documentation. For a step-by-step demonstration about how to set up SCIM provisioning, see Managing and synchronizing user identities across your third-party system and Talend Cloud.

Click Next.
On the Feedback page, select the I'm an Okta customer adding an internal app option.
In the optional questions section, select the This is an internal app that we have created option.
Click Finish.
Click View Setup Instructions.
A new tab opens in your browser, containing additional instructions.
Copy the XML content under Optional and save it into an XML file.

Results

The Talend Cloud app is created in Okta.

You will need the metadata file as well as the organization URL to complete the setup in Talend Cloud.

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – please let us know!

Leave your feedback here