Enable SSO with Okta

This guide walks you through configuring Okta as your SAML2 identity provider for single sign-on (SSO) authentication.

Step 1: Create SAML Application in Okta

1. Log into your Okta Admin Console
2. Navigate to Applications > Applications
3. Click Create App Integration
4. Select SAML 2.0 and click Next

Step 2: General Settings

1. App name: Enter "OakHost" as the application name
2. App logo: Upload the OakHost logo (optional)
3. Click Next

Step 3: Configure Okta SAML Settings

1. Sign in to the OakHost Customer Panel and navigate to User Management > Manage SSO.
2. Copy the Entity Reply URL (ACS) and Entity ID provided there.
3. Return to Okta and fill in the SAML settings as shown:

4. Make sure Name ID format is set to EmailAddress and Application username is set to Email.
5. Click Next.
6. Complete the Feedback section and click Finish.

Step 4: Configure OakHost SAML Settings

1. In Okta, navigate to the newly created OakHost application and select the Sign On tab.
2. Click on Show details in the SAML 2.0 section.

3. Copy the following values and paste them into the OakHost Customer Panel under User Management > Manage SSO:
   • Sign On URL: Corresponds to IDP Login URL
   • Sign Off URL: Corresponds to IDP Logout URL
   • Issuer: Corresponds to IDP Entity ID
   • Signing Certificate: Click the Copy button and paste it into the IDP X.509 Certificate field in OakHost.
4. Click Create Configuration in the OakHost Customer Panel.

Step 5: Test Integration

The SSO configuration is now complete. You can test the integration by logging out of the OakHost Customer Panel. On the login screen, enter your email address and click Sign in via SSO. You will be redirected to Okta for authentication.