# Access Management

# Adding Accounts to the Administrator Group

  1. Go to the installation directory, which is C:\Program Files\OpeniT\Launcher by default.

  2. Create a copy of appsettings.json and rename the duplicate file to appsettings.Override.json.

    Open the existing appsettings.Override.json, if there is already one.

  3. In the override file, add the new account(s) under Administrators following the format:

    appsettings.Override.json
    "Administrators": [ "HOSTNAME\\user", "user@email.com", "DOMAIN\\user" ]

  4. Save the changes.

# Setting the Authentication Method to SAML2

Application Launcher supports Negotiate and SAML2 authentication protocols. By default, it uses the Negotiate protocol for Windows Authentication.

To set up SAML2:

  1. Go to the installation directory, which is C:\Program Files\OpeniT\Launcher by default.

  2. Create a copy of appsettings.json and rename the duplicate file to appsettings.Override.json.

    Open the existing appsettings.Override.json, if there is already one.

  3. In the override file, set the value of AuthenticationMethod to Saml2.

  4. Under the Saml2 block, input IdPMetadata and Issuer.

    appsettings.Override.json
    "AuthenticationMethod": "Saml2",
"Saml2": {
"IdPMetadata": "",
"Issuer": "",
"SignatureAlgorithm": "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
"CertificateValidationMode": "ChainTrust",
"RevocationMode": "NoCheck",
"ClaimAttribute": "nameidentifier"
}

    Follow the instructions to Get the IdPMetadata and Issuer in Okta.

  5. Save the changes.

# Getting the IdPMetadata and Issuer in Okta

  1. Log in to Okta.

  2. In the left pane, expand Applications and click Applications.

  3. Click the created application for Application Launcher (in this case, Open iT Web Launcher).

    Application Launcher in Okta

    Application Launcher in Okta

  4. Click the Sign On tab and copy the link of Identity Provider metadata.

    This is the required IdPMetadata to set up SAML2 in Application Launcher.

    Getting the IdPMetadata

    Getting the IdPMetadata

  5. Click the General tab.

  6. Under the SAML Settings, copy the value of Audience Restriction.

    This is the required Issuer to set up SAML2 in Application Launcher.

    Getting the Issuer

    Getting the Issuer

Powered by Open iT ® Open iT Docs All rights reserved.

We value your feedback!

Please take a few minutes to complete our survey and share your thoughts on your recent experience with our documentation.

Take survey

Close