It’s recommended that you set up Datadog as an Okta application manually, as opposed to using a ‘pre-configured’ configuration.
Single Sign On URL: https://app.datadoghq.com/account/saml/assertion
(NOTE: If using IdP initiated login, use a public ID-specific URL which is generated after enabling IdP initiated login in Datadog. Find this URL at the ‘Configure SAML’ page, in the ‘Assertion Consumer Service URL’ field. Example URL:
https://app.datadoghq.com/account/saml/assertion/id/ This also applies to the Recipient URL and the Destination URL fields respectively.)
Recipient URL: https://app.datadoghq.com/account/saml/assertion (or check the box labeled “Use this for Recipient URL and Destination URL” in Okta)
Destination URL: https://app.datadoghq.com/account/saml/assertion (or check the box labeled “Use this for Recipient URL and Destination URL” in Okta)
Audience URI (SP Entity ID): https://app.datadoghq.com/account/saml/metadata.xml
Default Relay State:
Name ID Format: EmailAddress
Assertion Signature: Signed
Signature Algorithm: RSA_SHA256
Digest Algorithm: SHA256
Assertion Encryption: Assertions can be encrypted, but unencrypted assertions are also accepted.
SAML Single Logout: Disabled
Honor Force Authentication: Yes
SAML Issuer ID:
Additional Information on configuring SAML for your Datadog account can be found on the dedicated SAML documentation page:
In the event that you need to upload an
IDP.XML file to Datadog before being able to fully configure the application in Okta, see acquiring the idp.xml metadata file for a SAML template App article for field placeholder instructions.
Additional helpful documentation, links, and articles: