Skip to main content
Version: Config V1 (legacy)

Okta Identity Provider

Connect ConfigCat with Okta via SAML.

Introduction

Each SSO Identity Provider requires specific information to configure a SAML integration. The following guide will walk you through how you can connect ConfigCat with Okta as a SAML Identity Provider.

1. Create an Application in Okta

  • Log in to Okta, go to the admin dashboard, and select Applications.

    Okta applications
  • Click on Create App Integration.

    Okta create app
  • Select SAML 2.0 as the Sign-in method.

    Okta select SAML
  • Enter a descriptive App name, then click Next.

    Okta app name

The next step will guide you on how to collect the information required for the appearing Configure SAML section.

2. Configure SAML for the Okta Application

  • Open your organization's authentication settings on the ConfigCat Dashboard.

    ConfigCat authentication settings
  • Click ADD SAML IDENTITY PROVIDER.

    ConfigCat Add Identity Provider
  • Give a name for your Identity Provider, and click Create.

    ConfigCat Name Identity Provider
  • From the next section of the dialog, copy the following values and paste them into the Okta application.

    • Entity ID -> Audience URI (SP Entity ID)

    • Assertion Consumer Service -> Single sign on URL

      ConfigCat SAML configuration Okta SAML url EID
  • Set the Name ID format to EmailAddress, then click Next.

    Okta SAML nameid
  • Select I'm an Okta customer adding an internal app. Complete the form with any comments and click Finish.

    Okta SAML feedback

3. Configure ConfigCat with SAML Details from Okta

You can choose one of the following options to configure ConfigCat with SAML Identity Provider metadata.

  • Select the Sign On tab.

    Okta sign on tab
  • Copy the URL of View IdP metadata.

    Okta metadata url
  • Paste the copied value into the Metadata URL field at ConfigCat.

    ConfigCat metadata url
  • Select the trusted domains. Only user accounts from trusted domains can login with SAML SSO. You can bind multiple verified domains to a SAML Identity Provider.

    Select trusted domains
  • Click on Save.

4. Assign Users to Okta Application

To let users authenticate via SAML, you need to assign individual users or groups to the Okta application.

  • Select the Assignments tab, and select either the Assign to People or the Assign to Groups option.

    Okta assign to groups

5. Sign In

  • Go to the ConfigCat Log In page, and click COMPANY ACCOUNT - SAML.

    ConfigCat SAML login
  • Sign in with your company email address assigned to the Okta application.

    ConfigCat SAML company login
  • ConfigCat will redirect you to Okta's sign in page. Type your credentials, and click Sign In.

    Okta sign in
  • You should be redirected to ConfigCat signed in with your company account.

6. Next Steps