Skip to main content

Single Sign-On (SSO) with Okta

Overview

Okta is a cloud-based identity management provider that you can integrate with Split’s SAML 2.0 API, allowing you to log in to Split using your single sign-on (SSO) credentials.

Create an SSO application

  1. Sign in to Okta.

  2. Click Admin to go to the Admin panel.

  3. Select the Applications sidebar menu item.

  4. Click Create App Integration.

  5. Select SAML 2.0, and then click Next.

  6. For the App name field, enter a name for your Split app and click Next.

  7. Create the app with a temporary Single sign-on URL. You will get the real URL later during the Split configuration, and come back to change it.

    Use the following settings:

    • Set a temporary Audience URI (SP Entity ID). You will also get the real value during the Split configuration and change it later.
    • Set the Name ID format as EmailAddress.
    • Leave the rest of the options as default and click Next.

  8. Before finishing, select I'm an Okta customer adding an internal app.

  9. Click Finish.

  10. SSO parameters are now available. Click View Setup Instructions.

  11. Copy the IDP metadata.

Configure SAML

If you are a Split administrator, you can configure SAML in Admin Settings.

  1. Go to Admin Settings > Security > SAML.
  2. Add the IdP metadata copied from Okta.
  3. Enable/disable SAML strict mode.
  4. Enable/disable Just-in-time user provisioning.
  5. Click Save.

When you save these changes, you can view the summary of the SAML configuration parameters. You use this information when adding SAML settings in Okta.

Add SAML Settings

  1. Go to the Okta Admin Panel.

  2. Select the General tab.

  3. Under SAML Settings, click Edit.

  4. Click Next.

  5. Change the Single sign-on URL to the Assertion Consumer Service URL provided in Split in the configuration parameters.

  6. Change the Audience URI to the Audience URI provided in Split in the configuration parameters.

  7. Change the Default RelayState to the Default RelayState provided in Split in the configuration parameters.

  8. Click Show Advanced Settings.

  9. Click Add Another under Other Requestable SSO URLs and set the URL to the Requestable SSO URL provided in Split in the configuration parameters. Set the Index value to 1.

  10. Click Next and then Finish.

Split is now linked with Okta.