Okta SSO Setup

Step-by-step guide on setting up the RudderStack SSO (Single Sign-On) feature with Okta.

This guide lists the steps to configure and enable Okta SSO for your organization.

Configuring the RudderStack SSO App

• Log into your Okta application as an Administrator. Then, go to the Applications page in the dashboard.
• Click on the Create App Integration button to integrate Okta with RudderStack, as shown:

• Select SAML 2.0 as the sign-in method, as shown:

• Enter RudderStack as the App name.

In the next page, enter the following settings:

• The settings are as follows:

  • Single sign on URL: Set this to https://auth.rudderstack.com/v1/saml_callback.
  • Audience URI (SP Entity ID): Set this to https://auth.rudderstack.com/v1/saml_callback.
  • Default RelayState: Enter the domain name of your organization's email. For example, if your company email is abc@company.com, then this field should be set to company.com.
  • Name ID format: From the dropdown, select Unspecified.
  • Application username: From the dropdown, select Okta username.

• Then, scroll down to the Attribute Statements (optional) section and fill the following three fields, as shown:

• In the next page, select the I'm an Okta customer adding an internal app option and click on Finish.

The RudderStack Single Sign-On app is now created and you will be taken to the app's page.

Enabling SSO

This section lists the steps to enable SSO for your organization.

• Under the Sign-On section of the app, click on the View Setup Instructions button. It should redirect you to the page called How to Configure SAML 2.0 for RudderStack Application.

• Then, copy the following three fields and share them with the RudderStack team:
  • Identity Provider Single Sign-On URL
  • Identity Provider Issuer
  • X.509 Certificate

Contact us

For queries on any of the sections covered in this guide, you can contact us or start a conversation in our Slack community.