Blog Status Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage


Start configuring SSO/SAML from the Settings page in web app, scroll to the SSO/SAML section and click Use SAML for Single Sign-On.

Check that you have a configured email domain for your organization, this will be used by your user accounts to sign in with SSO/SAML. If you don’t have a configured email domain then contact support.

SSO/SAML configuration in

In OKTA, navigate to Applications -> Applications and click the Create App Integration button.

Creating new app in OKTA

Select SAML 2.0 as the Sign-in method and click Next.

Selectin SAML2.0 as the sign-in method in OKTA

Fill in the App name, optionally the logo, and click Next:

Filling basic SAML app details in Google workspace

You can use this for the logo: landscape logo

Copy over the following fields from SSO configuration into OKTA:

  • SP ACS URL -> Single sign-on URL
  • SP Entity ID / Audience URL -> Audience URI (SP Enttiy ID)

Copy SP metadata from to OKTA

Fill in a few additional details for wiring user accounts:

  • Set the Name ID format to EmailAddress
  • Set the Application username to Email

Proceed by clicking Next.

OKTA user account mapping

In the feedback section you should leave the This is an internal app… and It’s required to contact… options unchecked.

In the Did you find SAML docs for this app? field you could use the link of this document -

Click Finish.

OKTA feedback form

Now that OKTA knows about we need to do the reverse as well - tell about the OKTA integration you just created.

In the OKTA application, click the Sign On tab and…

OKTA sign on tab

…expand the SAML 2.0 details by clicking More details in the SAML 2.0 section.

OKTA saml details

Copy the following from OKTA into SAML configuration:

  • Sign on URL -> IdP SSO URL / Sign on URL
  • Issuer -> IdP Entity ID / Issuer
  • Signing Certificate -> IdP Signing Certificate

Click Configure to finalize SAML configuration in

Copy IdP metadata from OKTA to

You’ll also need to assign a group or a list of users to the application. This depends on your OKTA structure, but you might have a group such as Mobile Developers or Engineering that could be a good fit.

Start by going to the Assignments tab, click on the Assign dropdown and select Assign to Groups.

Navigate to Assigments

Add the group you want to give access by searching for it and clicking the Assign button. When all groups have been added, click Done.

Assign OKTA group to app

SSO/SAML with OKTA is now enabled for your organization! 🎉