Enable SSO with Okta

Enabling Single Sign-On (SSO) with Okta as your identity provider allows you to simplify authentication and login access to Cloudcraft.

This article helps you set up SSO if your identity provider is Okta. For other identity providers, see the following articles:

For general information on using SSO with Cloudcraft, check out Enable SSO in Your Account.

Setting Up SAML/SSO

The SAML Enterprise SSO feature is only available for the Enterprise plan, and can only be configured by the Cloudcraft Account Owner role.
  1. In Cloudcraft, navigate to User > Security & SSO.
  2. The details you need to create a new application with Okta can be found in the Cloudcraft service provider details section.
Screenshot of Cloudcraft service provider details for Identity Provider configuration with entity ID and assertion consumer service URL.
  1. Log in to Okta as an administrator.
  2. Click Application.
  3. Click Add Application, then click Create New App.
  4. Select SAML 2.0 as the sign on method and click Create.
  5. Enter Cloudcraft as the name of the application and leave the remaining values as-is.
  6. Click Next.
If you prefer to use an app logo, you can use this logo which adheres to Okta's size restrictions.
  1. Next, configure the SAML integration using the details provided by Cloudcraft. The fields are mapped as follows, with the first one being the label in Okta, and the second one being the label at Cloudcraft.
    • Single sign on URL: Assertion Consumer Service URL
    • Audience URI: Service Provider Entity ID
Screenshot of SAML settings interface with fields for single sign-on URL and entity ID configuration.
  1. On the Name ID format dropdown, select EmailAddress.
  2. Proceed to the next screen and select I’m an Okta customer adding an internal app to answer the question “Are you a customer or partner?”.
  3. Click Finish. Now that the application is set up in Okta, you can assign your users to it and once you’re done, navigate to the Sign On tab.
Screenshot displaying SAML 2.0 configuration settings in a Okta application integration interface.
  1. Under the View Setup Instructions button, click the blue link to download the file required for upload to Cloudcraft.
  2. Navigate back to Cloudcraft and upload your config file.
Successfully configured SAML Single Sign-On status with identity provider URL visible in security settings interface.
  1. Toggle the SAML Single Sign-On is enabled option.
  2. If you prefer to have your users access Cloudcraft only via your identity provider, enable the Strict mode option.