Enable SSO With Okta

Enabling Single Sign-On (SSO) with Okta as your identity provider allows you and your teammates to simplify authentication and log-in access to Cloudcraft.

This article will help you get set up if your identity provider is Okta. We have additional articles for other providers.

For more general information on using SSO with Cloudcraft, check out Enable SSO in Your Account.

Setting Up SAML/SSO

The SAML Enterprise SSO feature is only available for the Enterprise plan, and can only be configured by the Cloudcraft account Owner role.

Head to User → Security & SSO inside Cloudcraft.

The details you need to create a new application with Okta can be found in the  Cloudcraft service provider details section.

With this information in hand, head to Okta, log in as an administrator, and click the  Applications menu.

Click the  Add Application button, and then the green Create New App one.

A new modal window will open; select  SAML 2.0 as the sign on method, and click the green Create button.

Here we are creating a new application for SAML integration. Enter  Cloudcraft as the name of the application, leave everything else as is, and click the Next button.

If you prefer to use an app logo, we have one that fit Okta's size restrictions over here.

On the next prompt you will need to configure the SAML integration using the details provided by Cloudcraft.

The fields are mapped like this, with the first one being the label in Okta, and the second one being the label at Cloudcraft.

  • Single sign on URL: Assertion Consumer Service URL
  • Audience URI: Service Provider Entity ID

Select  EmailAddress on the Name ID format dropdown, and proceed to the next screen, picking I'm an Okta customer adding an internal app to answer the question "Are you a customer or partner?".

Click  Finish.

Now the application is set up in Okta, you can assign your users to it, and once you are done, navigate to the  Sign On tab.

You will see a blue link under the  View Setup Instructions button, where you can download the file required for upload to Cloudcraft. Download the file to a convenient place, and log out of Okta.

Head back to Cloudcraft, and upload your config file into the blue dotted box.

Lastly, toggle the SAML Single Sign-On is enabled option. Once you have verified that the SSO login is working as expected, if you prefer to have your users access Cloudcraft only via your identity provider, enable the Strict mode option.

We suggest testing the integration before telling your team about it, just to ensure that everything works as expected.

If you have any questions or trouble with the process, get in touch with our support team, and we will be happy to help.