Okta SSO Setup

SAML 2.0 Setup with Okta

Step 1: Create a SAML Application in Okta

1. Sign in to the Okta Admin Console
2. Go to Applications > Applications
3. Click Create App Integration
4. Select SAML 2.0 and click Weiter
5. Enter an App name (e.g., "Zenovay") and click Weiter

Step 2: Configure SAML Settings

On the Configure SAML page, enter the following values:

Leave all other settings at their defaults and click Weiter.

Step 3: Complete Setup

1. On the Feedback page, select "I'm an Okta customer adding an internal app" and click Finish
2. You will be taken to the application's Sign On tab

Step 4: Get IdP Values from Okta

1. On the Sign On tab, scroll to SAML Signing Certificates
2. Click Actions > View IdP metadata for the active certificate
3. From the metadata page, note:
   • IdP Entity ID: the entityID attribute in the opening EntityDescriptor tag
   • SSO URL: the Location attribute in the SingleSignOnService tag with HTTP-POST binding
4. Go back to the Sign On tab and download the X.509 Certificate by clicking Actions > Download certificate

Alternatively, click View SAML setup instructions for a summary page with all values.

Step 5: Assign Users

1. Go to the Assignments tab
2. Click Assign > Assign to People or Assign to Groups
3. Select the users or groups who should have access to Zenovay
4. Click Done

Step 6: Configure Zenovay

1. In Zenovay, go to Settings > Authentication > SSO
2. Click Add SSO Provider
3. Select SAML 2.0
4. Enter:
   • Name: e.g., "Okta"
   • Entity ID: the IdP Entity ID from Step 4
   • SSO URL: the SSO URL from Step 4
   • Certificate: paste the full X.509 certificate
5. Click Save
6. Add and verify your email domain

Step 7: Test

1. Open an incognito window
2. Go to auth.zenovay.com
3. Enter an email from your verified domain
4. You should be redirected to Okta, sign in, and return to the Zenovay dashboard