Admin Setup for Team Licenses
      Back to home
      1. Fluint Help Center
      2. Admin Setup for Team Licenses

      Configuring SSO with Okta

      This guide walks you through setting up SSO with Okta using either SAML or OIDC protocols.

      Prerequisites

      • Admin access to your Okta organization
      • Completed Step 1 from the main SSO setup guide
      • Your Fluint callback URL: https://app.fluint.io/auth/sso-callback

      Option 1: SAML Configuration (Recommended)

      Step 1: Create the Application in Okta

      1. Log into your Okta Admin Console
      2. Navigate to Applications > Applications
      3. Click Create App Integration
      4. Select SAML 2.0 and click Next

      Step 2: Configure General Settings

      App Integration Name: Fluint App logo: Upload your company logo (optional)

      Click Next to continue.

      Step 3: Configure SAML Settings

      Single sign on URL: https://app.fluint.io/auth/sso-callback

      • ✅ Check "Use this for Recipient URL and Destination URL"

      Audience URI (SP Entity ID): https://app.fluint.io

      Default RelayState: Leave blank

      Name ID format: EmailAddress

      Application username: Email

      Step 4: Add Attribute Statements

      Add these attribute mappings:

      Name Name format Value
      email Unspecified user.email
      first_name Unspecified user.firstName
      last_name Unspecified user.lastName

      Step 5: Finish Setup

      1. Click Next
      2. Select "I'm an Okta customer adding an internal app"
      3. Click Finish

      Step 6: Assign Users

      1. Go to the Assignments tab
      2. Click Assign and choose Assign to People or Assign to Groups
      3. Select users/groups who should have access to Fluint

      Step 7: Get Configuration Details

      1. Go to the Sign On tab
      2. Click View Setup Instructions
      3. Copy these values for Fluint:
        • Identity Provider Single Sign-On URL
        • Identity Provider Issuer
        • X.509 Certificate (copy the entire certificate including headers)

      Option 2: OIDC Configuration

      Step 1: Create the Application

      1. In Okta Admin Console, go to Applications > Applications
      2. Click Create App Integration
      3. Select OIDC - OpenID Connect
      4. Choose Web Application

      Step 2: Configure Application

      App integration name: Fluint

      Grant type: ✅ Authorization Code

      Sign-in redirect URIs: https://app.fluint.io/auth/sso-callback

      Sign-out redirect URIs: https://app.fluint.io/logout

      Controlled access: Choose based on your organization's needs

      Step 3: Get Configuration Details

      After creating the app, note these values:

      • Client ID
      • Client Secret
      • Okta domain (e.g., your-org.okta.com)

      Complete Setup in Fluint

      Return to your Fluint SSO connection and enter the configuration details:

      For SAML:

      • IdP SSO URL: The Single Sign-On URL from Okta
      • IdP Entity ID: The Identity Provider Issuer from Okta
      • X.509 Certificate: The certificate from Okta (include -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----)

      For OIDC:

      • Client ID: From your Okta app
      • Client Secret: From your Okta app
      • Issuer URL: https://your-org.okta.com
      • Authorization URL: https://your-org.okta.com/oauth2/v1/authorize
      • Token URL: https://your-org.okta.com/oauth2/v1/token
      • UserInfo URL: https://your-org.okta.com/oauth2/v1/userinfo

      Testing Your Configuration

      1. Use the testing steps from the main guide
      2. Verify users are redirected to your Okta login page
      3. Confirm successful authentication returns them to Fluint

      Next Steps