Following the documentation via the link below, I have successfully configured Okta as an Identity Provider for Sophos Central. I can log in successfully via the Sophos app by entering my email address and selecting the SSO button, but I have run into a couple of issues.
1. I cannot successfully log in to Sophos when it is initiated from the Okta portal. I surmise this has something to do with having the correct URIs. The only URI specified in the Sophos Central configuration is https://federation.sophos.com/login/callback. What URIs should be used for Sign-in, Sign-out, and the Initiate login URI?
2. When logging in with Okta, even though we have MFA set up for the application, I am still prompted for a 6-digit code sent via email from Sophos Central.
This is the link I used for configuration: Use OpenID Connect as an identity provider (sophos.com)
Okta Early access program is completed and this functionality was released as of June 11th for customers and will be released on July 02 2022 for Partners.
Here is the link to the documentation https://docs.sophos.com/central/Customer/help/en-us/ManageYourProducts/Overview/GlobalSettings/SophosSignin/index.html
Hi Adam Taube - just wondered if you found a way to get the Okta initiated login working? Thanks!
The link provided below by PavSupport no longer works and I'm not sure it was related to my problem. I ended up hiding the OIDC Sophos app icon in Okta and using the bookmark app to add a shortcut to the Sophos Central login. I have not found updated instructions for Sophos Central to allow IDP initiated login from Okta.
Great thanks - yeah I didn't find any other instructions either. Bookmark is a good idea though! Just a shame we can't do the IDP initiated login, and skip typing in the ID.