Skip to main content

Search

Configuring SAML: Okta

Enable Okta SSO for your Canary Console by configuring SAML settings, creating an Okta app, and sharing your metadata for secure, seamless single sign-on access.

Enable Single Sign-On from Okta to your Canary Console with this guide.

Step 1: Find your SAML parameters

Log in to your Console, click the white Gear Icon on the top right-hand side of your screen, select Global Settings, then expand the SAML section at the bottom of the page.

You will find the info for your Console (pictured below) that you'll need for Step 5 of the process.

Note, you can also head directly to your Console SAML page by editing the URL below with your domain hash.

https://XXX.canary.tools/nest/settings/saml

CleanShot 2024-09-13 at 16.30.02@2x.png

Step 2: Create App in Okta

Log in to your Okta organisation dashboard and expand the Applications menu, then select Applications and finally Create App Integration.

CleanShot 2024-09-13 at 16.30.12@2x.png

Step 3: Launch the SAML Wizard

On the popup, select SAML 2.0 as the application type, then hit Next.

CleanShot 2024-09-13 at 16.30.22@2x.png

Step 4: Configure your SAML App Integration

  1. Choose a name for your Okta Canary application.
  2. Upload an App logo. (Available for download here.)
  3. Select Next.

CleanShot 2024-09-13 at 16.30.31@2x.png

On the second step, enter the SAML parameters from your Console received in Step 1.

  1. Enter your ACS URL : https://XXX.canary.tools/saml/acs
  2. Enter your SP Entity ID : https://XXX.canary.tools/
  3. Leave the Default RelayState blank.
  4. Set the Name ID format to EmailAddress.
  5. Set the Application username to Email.
  6. Leave the Update application username on field as Create and update.

CleanShot 2024-09-13 at 16.30.43@2x.png

Once complete, select Next, then fill in the reason for the custom app and click Finish:

CleanShot 2024-09-13 at 16.30.52@2x.png

Lastly select I'm an Okta customer adding an internal app, then hit Finish or complete the form if you'd like to provide Okta feedback.

CleanShot 2024-09-13 at 16.31.53@2x.png

Step 5: Download SAML Metadata

Your SSO integration is ready!

Simply share your Metadata URL with the support team here, and we'll have your SSO setup in no time.

CleanShot 2024-09-13 at 16.32.10@2x.png

Assigning users or groups to the Canary Application

With your SSO setup, you'll want to grant access to your users to access your Canary Console.

With your Canary application open, select the Assignments tab, then the Assign drop down and finally Assign to People.

CleanShot 2024-09-13 at 16.32.56@2x.png

At the popup, assign your users to the app:

CleanShot 2024-09-13 at 16.33.04@2x.png

Save their email address and select Save and Go Back.

CleanShot 2024-09-13 at 16.33.13@2x.png

Finally, click Done.

CleanShot 2024-09-13 at 16.33.22@2x.png

You're all set!

Logging into your Console via SSO

You'll know it's working when you see your Console Login page show a Login with SSO button:

CleanShot 2024-09-13 at 16.33.37@2x.png

Click the button to initiate the SSO login.

You'll also be able to login to your Console by clicking on your Canary app panel inside the Okta dashboard:

CleanShot 2024-09-13 at 16.33.45@2x.png

Was this article helpful?
7 out of 7 found this helpful
Return to top