Okta is a publicly traded identity and access management company based in San Francisco. It provides cloud software that helps companies manage and secure user authentication into applications, and for developers to build identity controls into applications, website web services and devices.
You can use it to configure Single Sign-On for your start.me team.
- Step 1: Add Okta as IdP to start.me
- Step 2: Configure start.me in Okta
- Step 3: Configure Okta in start.me
- In your Team Admin page, click Team Portal > Login & SSO > Custom Single Sign-On (SSO)
- Click Add.
- Select Okta in the list of IdP providers.
- Click Add to start the configuration process (Step 2).
Login with your Okta Administrator account and click the "Create New App" button in your Applications section
Select SAML 2.0
Add "start.me" as name for the SAML integration
Configure start.me like this:
- Single Sign On URL: https://[yourcustomdomain].start.me/users/auth/saml2/callback?id=[auth-id]
- Audience URI (SP Entity ID): startme
- Name ID format: EmailAddress
- Application Username: Okta username
- name: user.login
- email: user.email
After you configured start.me in Okta, you can click the "Identity Provider metadata" link to download a XML file that contains. Save this file on your local machine.
Finally, make sure you assign People to this new "start.me" application, so you will be able to test the flow once you have completed all 3 steps.
- In the Single Sign-On section on start.me, click "Configure" next to the Okta IdP.
- In the sidebar click Browse to upload the metadata file you got from Okta in step 2.
After you uploaded this file, the following fields should be automatically filled:
- SAML2.0 Endpoint
- IDP Entity
- Public Certificate
Optionally. you can change the label and the icon for the login button that will appear on your sign-in screen at https://[yourcustomdomain].start.me/users/sign_in
Now, you are done and ready to test the new Okta login flow!
For questions or help with the SSO setup, please contact our team at firstname.lastname@example.org.