Skip to main content

Using Okta for Single Sign-On

· 2 min read
Hugh Enxing

Using Okta as an Identity Provider for Tator

This will require setting up a SAML-based application integration in Okta and then setting the SAML metadata configuration URL in Tator.

What is SAML

Security Assertion Markup Language (SAML) is a standard for sharing authentication and authorization data between an Identity Provider (IdP; in our case, Okta) and a Service Provider (SP; in our case, Tator). It is an XML-based markup language that also defines a set of protocols for communicating between the IdP and SP.

Configuring Okta

  1. Log in to your Okta organization as an administrator and open the Applications.

  2. Click "Create App Integration".

  3. Select "SAML 2.0" as the Sign-in method.

  4. Give your application a name and click next. Optional: Upload the tator app logo.

  5. Fill in the "Single sign on URL" and "Audience URI", replacing <DOMAIN> with your Tator domain.

  6. Configure the "Attribute Statements".

  7. Click Next at the bottom of the page.

  8. Select "I'm an Okta customer adding an internal app" and click Finish at the bottom of the page.

  9. This will complete the creation of the integration and bring you to the Sign On tab

  10. Scroll to the bottom of this page and, on the certificate marked Active, first click Actions, then right-click View IdP metadata and copy the link.

    This is the link to the metadata that Tator needs to configure its side of the integration. See below for an example of what the metadata looks like. Save the link for later in this tutorial.

Configuring Tator

Open up your and add the following

enabled: true
metadata_url: <URL copied from last section>

Then deploy the updated values

tator$ make cluster-update