Skip to main content

Access Management

Adding Accounts to the Administrator Group

  1. Go to the installation directory, which is C:\Program Files\OpeniT\Launcher by default.

  2. Create a copy of appsettings.json and rename the duplicate file to appsettings.Override.json.

    Open the existing appsettings.Override.json, if there is already one.

  3. In the override file, add the new account(s) under Administrators following the format:

    appsettings.Override.json
    "Administrators": [ "HOSTNAME\\user", "user@email.com", "DOMAIN\\user" ]
    note

    Make sure to follow the domain\\name format and provide a valid email address or Okta account.

  4. Save the changes.

Setting the Authentication Method to SAML2

App Launcher supports Negotiate and SAML2 authentication protocols. By default, it uses the Negotiate protocol for Windows Authentication.

To set up SAML2:

  1. Go to the installation directory, which is C:\Program Files\OpeniT\Launcher by default.

  2. Create a copy of appsettings.json and rename the duplicate file to appsettings.Override.json.

    Open the existing appsettings.Override.json, if there is already one.

  3. In the override file, set the value of AuthenticationMethod to Saml2.

  4. Under the Saml2 block, input IdPMetadata and Issuer.

    appsettings.Override.json
    "AuthenticationMethod": "Saml2",
    "Saml2": {
    "IdPMetadata": "",
    "Issuer": "",
    "SignatureAlgorithm": "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
    "CertificateValidationMode": "ChainTrust",
    "RevocationMode": "NoCheck",
    "ClaimAttribute": "nameidentifier"
    }

    Follow the instructions to Get the IdPMetadata and Issuer in Okta.

  5. Save the changes.

Getting the IdPMetadata and Issuer in Okta

  1. Log in to Okta.

  2. In the left pane, expand Applications and click Applications.

  3. Click the created application for App Launcher (in this case, Open iT Web Launcher).

    App Launcher in Okta

    App Launcher in Okta


  4. Click the Sign On tab and copy the link of Identity Provider metadata.

    This is the required IdPMetadata to set up SAML2 in App Launcher.

    Getting the IdPMetadata

    Getting the IdPMetadata


  5. Click the General tab.

  6. Under the SAML Settings, copy the value of Audience Restriction.

    This is the required Issuer to set up SAML2 in App Launcher.

    Getting the Issuer

    Getting the Issuer