home

Mobile Endpoint Security

Mobile Endpoint SecuritySecurity Service Edge
Mobile Endpoint SecuritySecurity Service Edge

Lookout Product Documentation

Find answers about using and optimizing Lookout products.

Show Contents

Mobile Endpoint Security

Lookout Single Sign-On with Okta

Setting Up Okta

For additional information, refer to the Okta documentation on setting up a SAML application.

  1. Sign in as a Okta administrator and click My Applications, then click Admin:


  2. Click Add Applications:
  3. Click Create New App:
  4. Under Sign on method, select SAML 2.0, then click Create.

  5. In the App name field, enter Lookout-SSO, then click Next.

  6. Under GENERAL, set the following:
    FieldValue
    Single sign on URLThis is the URL provided by Lookout ending with /acs
    Audience URI (SP Entity ID)This is the URL provided by Lookout ending with /metadata
    Name ID formatUnspecified
    Application usernameEmail
  7. Under ATTRIBUTE STATEMENTS, create the following entries by clicking Add Another to extend the list.
    All entries use Name format: Basic:


    NameValue
    ent
    		The ent value provided by Lookout
    mail
    		user.email
    sn
    		user.lastName
    givenname
    		user.firstName
    upn
    		user.email
  8. Under GROUP ATTRIBUTE STATEMENTS (OPTIONAL), create the following entry:


    NameName formatFilter
    memberof
    		Basic

    This should match a common String in the user group names you use for Lookout MES Console Full Access, Restricted Access, and Read-Only administrators. For example, if your user groups are named:

    • Lookout-Full
    • Lookout-Restricted
    • Lookout-ReadOnly

    Then the memberof Filter should be:

    Contains > Lookout

    You can also use Starts with or other match types if necessary.

  9. Click Next.
  10. Under Are you a customer or partner? select I'm an Okta customer adding an internal app:
  11. Click Finish.
    The Sign-On section appears.
  12. Right click Identity Provider metadata and click Copy Link Address.
    This copies your metadata URL, which you need to provide to Lookout to complete setup.
  13. Click View Setup Instructions:


  14. Copy the Identity Provider Single Sign-On URL and provide it to Lookout:

  15. Click Assignments and assign People or Groups to the Lookout app:


  16. Navigate back to Applications and confirm that you can see the Lookout app in Okta.
  17. Send the metadata URL and Identity Provider SSO URL from Steps 11-13 to Lookout.

Last updated: November 20, 2024

lookout-footer

Legal Privacy Policy Cookie Policy Transparency Report Compliance Info Compliance Info (Gov)

© 2024 Lookout, Inc. LOOKOUT®, the Lookout Shield Design®, LOOKOUT with Shield Design® and the Lookout multi-color/multi-shaded Wingspan Design® are registered trademarks of Lookout, Inc. in the United States and other countries. DAY OF SHECURITY®, LOOKOUT MOBILE SECURITY®, and POWERED BY LOOKOUT® are registered trademarks of Lookout, Inc. in the United States. Lookout, Inc. maintains common law trademark rights in EVERYTHING IS OK, PROTECTED BY LOOKOUT, CIPHERCLOUD, and the 4 Bar Shield Design.