This document shows in detail how to configure your SAML SSO using Okta, but most similar platforms that support SAML should have similar steps.
To configure Instabug with Okta, you will need to follow these steps:
Create Okta account https://www.okta.com/free-trial/
Signup in Instabug's dashboard using the same email address as Okta
At Instabug's dashboard, open account setting > SSO > SAML “configure“
At Okta's dashboard, click on the "Admin" button to open the admin panel
Create a new application of "SAML" type
From the sidebar, go to applications
Select "Create App Integration"
Select SAML 2.0 type and click “Next“
General settings: enter the app name and click “Next“
at configurations: enter the mapped values as follows from the dashboard Configure SAML SSO modal and then click “Next“
Single sign-on URL → Service Provider SSO Callback URL (found on Configure SAML SSO modal on dashboard)
Audience URI (SP Entity ID) → Service Provider Entity ID modal (found on Configure SAML SSO modal on the dashboard)
leave Default RelayState empty
Name ID format: select EmailAddress
Application username: select email
Feedback: select I'm a software vendor. I'd like to integrate my app with Okta and click “Finish”
Assign Users to App: Go to applications, click on assign users to app then select app and user, click “Next“ and confirm assignment.
From applications, open the created app then select the “Sign On” tab
Scroll to “View Setup Instructions” and open it
Download Okta certificate
You can set up a fingerprint or upload the certificate directly
Uploading certificate
Setting fingerprint manually
At your terminal change directory to where you downloaded cert in step 9
Execute
openssl x509 -noout -fingerprint -sha1 -inform pem -in okta.cert
Copy the fingerprint value, will be sth like
F4:95:55:6E:97:D7:B6:26:56:3C:D0:4D:A0:D3:E4:05:B3:11:FF:B7
At dashboard Configure SAML SSO modal select Fingerprint and enter the mapped values
Identity Provider Certificate Fingerprint → paste the value you git from terminal
Identity Provider Certificate Fingerprint Algorithm → choose SHA1
SAML/idP metadata URL → Identity Provider Single Sign-On URL value on View Setup Instructions in Okta dashboard
Logout from your normal account
Select login with SSO
Enter the email of Okta that you assigned app to then your credentials on Okta form
After redirecting change dash-dev to deploy
Tada! 🎉
ℹ️ To enable SAML/OAuth to your company for all members, you need to login using SSO at least once after configuring it.
After this, no member can login with their email/password, only logging in using SSO is allowed.
⚠️ If you disabled SSO and then re-enable it, it will be enabled immediately for the whole company (without needing to login using SSO first)