Skip to main content
Setting up Okta SSO
Fabian Perez avatar
Written by Fabian Perez
Updated over a week ago

If your company uses Okta as its identity provider, your IT department may want to configure SAML. Once your organization configures SAML, organization members signing in via email will need to sign in via Okta. Your organization members will also be able to access Supernormal from the Okta dashboard. Follow the instructions below to set up SAML.

Prerequisites

You must be on an Enterprise plan to enable Okta SSO. Get in touch for more information about enterprise plans at [email protected].

Supported features

Supernormal supports:

  • SP-initiated SSO

  • IdP-initiated SSO

  • JIT provisioning

Step 1: Configure Okta

  • Head to the applications catalog in Okta

  • Search for and click on “Supernormal”

  • Click “Add integration” to begin your setup

  • Leave general settings as they are and click “next” to continue

  • On the Sign-on Options screen take note of the values for “Sign on URL” and your signing certificate. You will need both of these to configure your SSO settings on Supernormal in Step 2

Step 2: Configure Supernormal

  1. Click your organization’s name on the top right navigation column

  2. Scroll down to Single Sign-On

  3. Paste the sign-on URL that you copied from Step 1 into its corresponding field

  4. Paste the X.509 Certificate that you copied from Step 1 into its corresponding field

  5. Click on the switch to enable SSO

  6. Click the Save changes button

Supported attributes

Name

Value

email

user.email

first_name

user.firstName

last_name

user.lastName

language_code

user.languageCode

display_name

user.displayName

Language Codes

Note that the value for language_code must be a valid BCP 47 language code supported by Supernormal. For example, US English as en-US, Spain Spanish as es-ES, and so on. For a complete list of languages we support, please see https://help.supernormal.com/en/articles/7208097-which-languages-does-supernormal-support. By default, Supernormal user profiles will be set to US English if we do not recognize or support the given code.

At this point, your organization has optionally enabled SAML SSO via Okta. To require it for your members, please contact support at [email protected]. Once required, your organization members will only be able to access Supernormal by signing in with Okta. Note that organization owners are able to bypass Okta in the event of an account lockout.

SP-initiated flow

  1. Enter your email and submit

    1. Choose to continue with email or with SSO on the next screen if SSO is optionally enabled

    2. If SSO is required you will be redirected to Okta automatically

Did this answer your question?