Okta Configuration

Steps to follow

Create a new Application

Sign in to the OKTA Dashboard as an administrator. Open the menu in the top-left corner, expand the " Applications" section and click "Applications:

On the "Applications "page click "Create App Integration". In the pop-up "Create a new app integration" select "SAML 2.0" as the Sign-in method and click "Next":

On the "General Settings" tab enter a name for your application (e.g., Sleuth) and click "Next":

Set up Single Sign-On

On the "Configure SAML" page, fill in the necessary metadata (found in Sleuth), using the following reference:

OKTA
SLEUTH
EXAMPLE

Single sign on URL

Assertion Consumer Service

https://app.sleuth.io/complete/saml/

Audience URI (SP Entity ID)

SAML Entity ID

https://app.sleuth.io/saml/metadata/

Default RelayState

Default Relay State

sleuth

(should be your org slug)

Set the "Name ID format" to "Email Address" and click the "Show Advanced Settings" link to expand the settings:

Save the "Sleuth x509 Certificate" (found in Sleuth) in a .pem file, then click "Browse files..." next to "Signature Certificate" and upload the saved file. Activate the "Enable Single Logout" option and enter the necessary information:

OKTA
SLEUTH
EXAMPLE

Single Logout URL

Single Logout Service

https://app.sleuth.io/saml/sls/

Configure Attributes

In the "Attribute Statements" section add the following Attributes (using the "Add Another" button):

NAME
NAME FORMAT
VALUE

email

Unspecified

user.email

first_name

Unspecified

user.firstName

last_name

Unspecified

user.lastName

Leave the "Group Attribute Statements" as they are.

Click "Preview the SAML Assertion" if you want to inspect the Assertion before proceeding. Then click "Next" at the bottom-right of the page.

On the "Feedback" page select "I'm an Okta customer adding an internal app" and click "Finish" at the bottom-right of the page (you can leave the rest of the fields blank).

Enter OKTA's metadata into Sleuth

You can now choose between pointing Sleuth to a URL where the IdP's metadata is now available, or entering the metadata into Sleuth manually.

Last updated

Was this helpful?