Skip to main content

How to Configure SAML Single Sign-On

Configuring Okta for SAML SSO on your Instabug Dashboard

Sherif avatar
Written by Sherif
Updated over a week ago

This document shows in detail how to configure your SAML SSO using Okta, but most similar platforms that support SAML should have similar steps.

To configure Instabug with Okta, you will need to follow these steps:

  1. Create Okta account https://www.okta.com/free-trial/

  2. Signup in Instabug's dashboard using the same email address as Okta

  3. At Instabug's dashboard, open the account settings> SSO > SAML “and configure it. “

  4. At Okta's dashboard, click on the "Admin" button to open the admin panel

    1. Setup verification with the Okta verify app (if needed)

  5. Create a new application of "SAML" type

    1. From the sidebar, go to applications

    2. Select "Create App Integration"

    3. Select SAML 2.0 type and click “Next“

    4. General settings: enter the app name and click “Next“

    5. at configurations: enter the mapped values as follows from the dashboard Configure SAML SSO modal and then click “Next“

      1. Single sign-on URL → Service Provider SSO Callback URL (found on Configure SAML SSO modal on dashboard)

      2. Audience URI (SP Entity ID) → Service Provider Entity ID modal (found on Configure SAML SSO modal on the dashboard)

      3. leave Default RelayState empty

      4. Name ID format: select EmailAddress

      5. Application username: select email

    6. Feedback: select I'm a software vendor. I'd like to integrate my app with Okta and click “Finish”

  6. Assign Users to App: Go to applications, click on assign users to app then select app and user, click “Next“ and confirm assignment.

  7. From applications, open the created app, then select the “Sign On” tab

  8. Scroll to “View Setup Instructions” and open it

  9. Download Okta certificate

  10. You can set up a fingerprint or upload the certificate directly

    1. Uploading certificate

      1. At the instabug dashboard, Configure SAML SSO modal and select Certificate

        1. Upload downloaded certificate from step 9

          2.In SAML/idP metadata URL → add the Identity Provider Single Sign-On URL value on “View Setup Instructions” in Okta dashboard

    2. Setting fingerprint manually

      1. At your terminal change directory to where you downloaded cert in step 9

      2. Execute openssl x509 -noout -fingerprint -sha1 -inform pem -in okta.cert

      3. Copy the fingerprint value, will be sth like F4:95:55:6E:97:D7:B6:26:56:3C:D0:4D:A0:D3:E4:05:B3:11:FF:B7

      4. At dashboard Configure SAML SSO modal select Fingerprint and enter the mapped values

        1. Identity Provider Certificate Fingerprint → paste the value you git from terminal

        2. Identity Provider Certificate Fingerprint Algorithm → choose SHA1

        3. SAML/idP metadata URL → Identity Provider Single Sign-On URL value on View Setup Instructions in Okta dashboard

  11. Logout from your normal account

  12. Select login with SSO

  13. Enter the email of Okta that you assigned app to then your credentials on Okta form

  14. After redirecting change dash-dev to deploy

  15. Tada! 🎉

ℹ️ To enable SAML/OAuth to your company for all members, you need to login using SSO at least once after configuring it.

After this, no member can login with their email/password, only logging in using SSO is allowed.

⚠️ If you disabled SSO and then re-enable it, it will be enabled immediately for the whole company (without needing to login using SSO first)

Did this answer your question?