After you have your background information, you can use the Okta Admin Console and the Application Integration Wizard to create your SSO integration inside the Okta org associated with your developer account.
If you don't have an Okta developer account, begin by signing up for one at
After you request the developer account and have received the initialization email, click the link in the email to go to your developer org. Sign in as a user with administrative privileges.
Navigate to the Admin Console in your Okta org by clicking
Admin in the upper-right corner. Note: If you are in the Developer Console, click < > Developer Console in the upper-left corner and then click Classic UI to switch over to the Admin Console in your Okta org.
In the Admin Console, go to
Applications > Applications.
Create New App to start the Application Integration Wizard.
Web or SPA as the platform for your integration. Web is the only supported platform for both OIDC and SAML 2.0 applications in the OIN. SPA is supported for OIDC apps only.
If you are creating an OIDC integration that is intended for private use only, you can select Native or Single Page App as the platform.
Create a SAML integration Select SAML 2.0 in the Sign on method section. Click Create. On the General Settings tab, enter a name for your integration and optionally upload a logo. You can also hide the integration from your end-user's Okta dashboard or mobile app. On the Configure SAML tab, use the SAML information that you gathered in the to configure the settings of your integration. See first step Create a SAML integration using AIW in the Okta product documentation.
In the Single sign on URL field, enter the Assertion Consumer Service (ACS) URL. Enter the Audience URI into the Audience URI (SP Entity ID) field.
Note: If you are just testing your setup using a sample SAML SP (such as this SAML Service Provider on GitHub), enter the following test URL into the Single sign on URL and Audience URI (SP Entity ID) fields:
Choose the Name ID format and Application username that must be sent to your application in the SAML response (for example,
Email) or leave the defaults.
In the ATTRIBUTE STATEMENTS (OPTIONAL) section, enter the SAML attributes to be shared with your application.
Name (in SAML application) Value (in Okta profile)
If your org uses groups to categorize users, fill in the GROUP ATTRIBUTE STATEMENTS (OPTIONAL) section to filter by group membership in your SAML assertion. For example:
You can preview the generated SAML assertion by clicking the button in Section B. Click Next. In the final creation step, the Feedback tab helps Okta to understand how you want to position this application.
If you are only creating an internal SAML integration:
Select I'm an Okta customer adding an internal app. For the check boxes that appear, select the App type check box if your company created the integration and it won't be released publicly. If you check this box, you don't need to enter any further information. Select the Contact app vendor check box if Okta needs to contact you to enable SAML for the integration. If you select this check box, you need to provide further general information about your integration to the Okta OIN team. Click Finish. For ISVs that are creating a SAML integration for the OIN:
Select I'm a software vendor. I'd like to integrate my app with Okta. Click Finish.