Map groups to Lenses 

Groups are case-sensitive and mapped by name with Okta

Integrate your user-groups with Lenses using the Okta group names. Create a group in Lenses using the same case-sensitive group name as in Okta.

For example, if the Engineers group is available in Okta, create a group with the same name:

Okta SAML Kafka user groups

The above group will match all the users in the equivalent Okta group:

Okta SAML user groups

Learn how to set data permissions for users and service accounts using Apache Kafka and Okta.

Set up Okta IdP 

Lenses is available directly in Okta’s Application catalog.

Add application in the Catalog 

  1. Go to Applications > Applications
  2. Click Browse App Catalog
  3. Search for Lenses
  4. Select Lenses
  5. Add Lenses by pressing Add Integration

Okta Lenses Search

Okta Lenses Add

Set General Settings 

  1. App label: Lenses
  2. Set the base url of your lenses installation e.g. https://lenses-dev.example.com
  3. Click Done

Okta general settings Kafka

Setup the Lenses SSO app 

Setup is needed for Okta to provide user’s groups information.

  1. Go to Applications > Applications > Lenses.io
  2. Click Sign On tab
  3. Change setting groups to Matches regex winth value .*.

Okta Lenses settings

Okta Lenses settings groups

Download idP XML metadata 

Download the Metadata XML file with the Okta IdP details.

  1. Go to Sign On tab > Settings > SAML 2.0 > Metadata details
  2. Use provided URL and download the XML data to OktaIDPMetadata.xml
  3. You will reference this file’s path in the security.conf configuration file.

Okta SAML IdP metadata

Configure Lenses 

Given the downloaded metadata file and a keystore, add the following configuration to security.conf:

lenses.security.saml.keystore.location = "/path/to/keystore.jks"
lenses.security.saml.keystore.password = "my_keystore_password"
lenses.security.saml.key.password = "my_saml_key_password"

Learn more about SSO with SAML in Okta documentation.

See all SSO options.