Okta Identity Provider
Connect ConfigCat with Okta via SAML.
Introduction
Each SSO Identity Provider requires specific information to configure a SAML integration. The following guide will walk you through how you can connect ConfigCat with Okta as a SAML Identity Provider.
1. Create an Application in Okta
-
Log in to Okta, go to the admin Dashboard, and select
Applications
. -
Click on
Create App Integration
. -
Select
SAML 2.0
as the Sign-in method. -
Enter a descriptive
App name
, then clickNext
.
The next step will guide you on how to collect the information required for the appearing Configure SAML
section.
2. Configure SAML for the Okta Application
-
Open your organization's authentication settings on the ConfigCat Dashboard.
-
Click
ADD SAML IDENTITY PROVIDER
. -
Give a name for your Identity Provider, and click
Create
. -
From the next section of the dialog, copy the following values and paste them into the Okta application.
-
Entity ID
->Audience URI (SP Entity ID)
-
Assertion Consumer Service
->Single sign on URL
-
-
Set the
Name ID format
toEmailAddress
, then clickNext
. -
Select
I'm an Okta customer adding an internal app
. Complete the form with any comments and clickFinish
.
3. Configure ConfigCat with SAML Details from Okta
You can choose one of the following options to configure ConfigCat with SAML Identity Provider metadata.
- Metadata URL
- Manual Configuration
Select the
Sign On
tab.Copy the URL of
View IdP metadata
.Paste the copied value into the
Metadata URL
field at ConfigCat.Select the trusted domains. Only user accounts from trusted domains can login with SAML SSO. You can bind multiple verified domains to a SAML Identity Provider.
Click on
Save
.
Select the
Sign On
tab, and click onView SAML setup instructions
.Copy the value of the
Identity Provider Single Sign-On URL
andX.509 Certificate
fields and paste them into the Configuration dialog at ConfigCat.Select the trusted domains. Only user accounts from trusted domains can login with SAML SSO. You can bind multiple verified domains to a SAML Identity Provider.
Click on
Save
.
4. Assign Users to Okta Application
To let users authenticate via SAML, you need to assign individual users or groups to the Okta application.
-
Select the
Assignments
tab, and select either theAssign to People
or theAssign to Groups
option.
5. Sign In
-
Go to the ConfigCat Log In page, and click
COMPANY ACCOUNT - SAML
. -
Sign in with your company email address assigned to the Okta application.
-
ConfigCat will redirect you to Okta's sign in page. Type your credentials, and click
Sign In
. -
You should be redirected to ConfigCat signed in with your company account.
6. Next Steps
- Configure the auto-assignment of users.