If your company uses Okta as its identity provider, your IT department may want to configure SAML. Once your organization configures SAML, organization members signing in via email will need to sign in via Okta. Your organization members will also be able to access Supernormal from the Okta dashboard. Follow the instructions below to set up SAML.
Prerequisites
You must be on an Enterprise plan to enable Okta SSO. Get in touch for more information about enterprise plans at [email protected].
Supported features
Supernormal supports:
SP-initiated SSO
IdP-initiated SSO
JIT provisioning
Step 1: Configure Okta
Head to the applications catalog in Okta
Search for and click on “Supernormal”
Click “Add integration” to begin your setup
Leave general settings as they are and click “next” to continue
On the Sign-on Options screen take note of the values for “Sign on URL” and your signing certificate. You will need both of these to configure your SSO settings on Supernormal in Step 2
Step 2: Configure Supernormal
Navigate to https://app.supernormal.com
Click your organization’s name on the top right navigation column
Scroll down to Single Sign-On
Paste the sign-on URL that you copied from Step 1 into its corresponding field
Paste the X.509 Certificate that you copied from Step 1 into its corresponding field
Click on the switch to enable SSO
Click the Save changes button
Supported attributes
Name | Value |
user.email | |
first_name | user.firstName |
last_name | user.lastName |
language_code | user.languageCode |
display_name | user.displayName |
Language Codes
Note that the value for language_code
must be a valid BCP 47 language code supported by Supernormal. For example, US English as en-US
, Spain Spanish as es-ES
, and so on. For a complete list of languages we support, please see https://help.supernormal.com/en/articles/7208097-which-languages-does-supernormal-support. By default, Supernormal user profiles will be set to US English if we do not recognize or support the given code.
At this point, your organization has optionally enabled SAML SSO via Okta. To require it for your members, please contact support at [email protected]. Once required, your organization members will only be able to access Supernormal by signing in with Okta. Note that organization owners are able to bypass Okta in the event of an account lockout.
SP-initiated flow
Enter your email and submit
Choose to continue with email or with SSO on the next screen if SSO is optionally enabled
If SSO is required you will be redirected to Okta automatically