Sleuth Documentation
HomeBlogSupportSign up
  • Getting started
  • Navigating Sleuth
  • DORA metrics
    • Deploy frequency
    • Change lead time
    • Change failure rate
    • MTTR
    • Interpreting Metrics in Sleuth
  • Deployment tracking
    • Organization
      • Labels
      • Trends
      • Compare
      • Search
      • Status
    • Projects
      • Issue trackers
    • Environments
    • Code deployments
      • Creating a deployment
      • How to register a deploy
      • Rollbacks
      • Automatic tagging
      • Deployment locking
      • Environment drift
      • Move code deployments
      • Search everything
    • Feature flags
    • Manual changes
    • Deploys
    • Teams
  • Work in Progress
  • Goals
  • Sleuth Automations
    • Automations Marketplace
      • Installing Automations
        • Installing PR "Update" Automations
      • Editing and uninstalling Automations
      • Smart suggestions
      • Understanding efficacy
    • Custom Automations
      • Automations Cookbook
      • Webhook Actions
      • Trigger Build Actions
        • Bitbucket Pipelines
        • CircleCI
        • Github Actions
        • Jenkins
  • Slack & Email Notifications
  • Auto-verify deploys
    • Anomaly detection
    • Error impact
    • Metric impact
  • Ignoring pull requests
  • Slack mission control
    • Approvals
    • Project notifications
    • Personal notifications
    • Search Sleuth in Slack
    • Project/Deployment history
    • Developer standup
  • Sleuth API
    • Deploy Registration
    • Deploy import
    • Manual Change
    • Custom Incident Impact Registration
    • Custom Metric Impact Registration
    • Deprecation information
    • GraphQL Queries
    • GraphQL Mutations
    • Query batching
  • Integrations
    • About Integrations...
    • Code integrations (read-only)
      • Azure DevOps
      • Bitbucket
      • GitHub
      • GitLab
      • Custom Git
      • Terraform Cloud
    • Code integrations (write)
    • Feature flag integrations
      • LaunchDarkly
    • Impact integrations
      • Error trackers
        • Bugsnag
        • Honeybadger
        • Rollbar
        • Sentry
      • Metric trackers
        • AppDynamics
        • AWS CloudWatch
        • Custom
        • Datadog
        • Jira metrics (Cloud / Data Center)
        • NewRelic
        • SignalFx
      • Incident tracker integrations
        • Blameless
        • PagerDuty
        • Datadog Monitors
        • Statuspage
        • Opsgenie
        • Jira (Cloud/Data Center)
        • FireHydrant
        • Rootly
        • ServiceNow
        • Custom
          • Grafana OnCall
      • CI/CD builds
        • Azure Pipelines
        • Bitbucket Pipelines
        • Buildkite
        • CircleCI
        • GitHub Actions
        • GitLab CI/CD Pipelines
        • Jenkins
    • Sleuth DORA App for Slack
    • Microsoft Teams integration
    • CI/CD integrations
      • Azure Pipelines
      • Bitbucket Pipelines
      • Buildkite
      • CircleCI
      • Github Actions
      • GitLab CI/CD Pipelines
      • Jenkins
    • Issue tracker integrations
      • Jira Cloud
      • Jira Data Center
      • Linear
      • Shortcut
    • Fixing broken integrations
  • Pulse
    • Welcome to Pulse docs
    • Quick Start setup guide
    • Beginner tutorials
      • 1. How to create a Teamspace
      • 2. How to create a Review
      • 3. How to create a Survey
  • Features
    • Reviews
      • Review workflow
      • Review templates
      • Widgets and Sections
        • Widget type
      • Review settings
    • Surveys
      • Survey Workflow
    • Teamspaces
    • Inbox
    • AI assistant
    • General settings
      • Users and Teams
      • Investment mix
  • Settings
    • Organization settings
      • Details
      • Authentication
        • SAML 2.0 Setup
          • Okta Configuration
          • Azure AD Configuration
          • PingIdentity Configuration
      • Access Tokens
      • Members
      • Team Settings
      • Billing
    • Project settings
      • Details
      • Slack settings
      • Environment settings
      • Code deployment settings
      • Feature flag settings
      • Impact settings
    • Account settings
      • Account settings
      • Notifications settings
      • Identities settings
    • Role Based Access Control
  • Resources
    • FAQ
    • Sleuth TV
    • Purchasing
    • About Sleuth...
Powered by GitBook
On this page
  • Steps to follow
  • Create a new Application
  • Set up Single Sign-On
  • Configure Attributes
  • Enter OKTA's metadata into Sleuth

Was this helpful?

  1. Settings
  2. Organization settings
  3. Authentication
  4. SAML 2.0 Setup

Okta Configuration

PreviousSAML 2.0 SetupNextAzure AD Configuration

Last updated 1 year ago

Was this helpful?

Steps to follow

    • Option 1: Link to metadata file

    • Option 2: Enter metadata manually

Create a new Application

Sign in to the OKTA Dashboard as an administrator. Open the menu in the top-left corner, expand the " Applications" section and click "Applications:

On the "Applications "page click "Create App Integration". In the pop-up "Create a new app integration" select "SAML 2.0" as the Sign-in method and click "Next":

On the "General Settings" tab enter a name for your application (e.g., Sleuth) and click "Next":

Set up Single Sign-On

On the "Configure SAML" page, fill in the necessary metadata (found in Sleuth), using the following reference:

OKTA
SLEUTH
EXAMPLE

Single sign on URL

Assertion Consumer Service

https://app.sleuth.io/complete/saml/

Audience URI (SP Entity ID)

SAML Entity ID

https://app.sleuth.io/saml/metadata/

Default RelayState

Default Relay State

sleuth

(should be your org slug)

Set the "Name ID format" to "Email Address" and click the "Show Advanced Settings" link to expand the settings:

Save the "Sleuth x509 Certificate" (found in Sleuth) in a .pem file, then click "Browse files..." next to "Signature Certificate" and upload the saved file. Activate the "Enable Single Logout" option and enter the necessary information:

OKTA
SLEUTH
EXAMPLE

Single Logout URL

Single Logout Service

https://app.sleuth.io/saml/sls/

Configure Attributes

In the "Attribute Statements" section add the following Attributes (using the "Add Another" button):

NAME
NAME FORMAT
VALUE

email

Unspecified

user.email

first_name

Unspecified

user.firstName

last_name

Unspecified

user.lastName

Leave the "Group Attribute Statements" as they are.

Click "Preview the SAML Assertion" if you want to inspect the Assertion before proceeding. Then click "Next" at the bottom-right of the page.

On the "Feedback" page select "I'm an Okta customer adding an internal app" and click "Finish" at the bottom-right of the page (you can leave the rest of the fields blank).

Enter OKTA's metadata into Sleuth

You can now choose between pointing Sleuth to a URL where the IdP's metadata is now available, or entering the metadata into Sleuth manually.

In OKTA in the "SAML Signing Certificates" section under your Application, find the certificate with status "Active", click on the "Actions" link at the right end of its row and click "View IdP metadata":

The XML file will open in a new tab in your browser -> select and copy its entire URL.

In Sleuth, click the "point Sleuth to metadata file URL" link to trigger the input modal and paste the copied URL into the field, then click "Save":

The remaining fields in Sleuth will get populated automatically, just click "Test Metadata and Save":

Sleuth defaults all of the Advanced configuration to the most commonly used values, but depending on your IdP configuration you might need to adjust "Advanced settings".

Assign People/Groups to the Application

On the Application's homepage click the "Assignments" tab, then click "Assign" and select either "Assign to People" (to assign individual users) or "Assign to Groups" (to assign to groups of users):

In OKTA in the "SAML Signing Certificates" section under your Application, click the "View SAML setup instructions" button:

Fill in the necessary metadata, using the following reference, and click "Test Metadata and Save":

SLEUTH
OKTA
EXAMPLE

Entity ID

Identity Provider Issuer

http://www.okta.com/<...>

SSO URL

Identity Provider Single Sign-On URL

https://<...>.okta.com/app/<...>/sso/saml

SLO URL

Identity Provider Single Logout URL

https://<...>.okta.com/app/<...>/slo/saml

Certificate

X.509 Certificate

-----BEGIN CERTIFICATE----- <...> -----END CERTIFICATE-----

Sleuth defaults all of the Advanced configuration to the most commonly used values, but depending on your IdP configuration you might need to adjust "Advanced settings".

Create a new Application
Set up Single Sign-On
Configure Attributes
Enter OKTA's metadata into Sleuth
Assign People/Groups to the Application