Enable SSO With Okta
Enabling Single Sign-On (SSO) with Okta as your identity provider allows you and your teammates to simplify authentication and log-in access to Cloudcraft.
This article will help you get set up if your identity provider is Okta. We have additional articles for other providers.
For more general information on using SSO with Cloudcraft, check out Enable SSO in Your Account.
Setting Up SAML/SSO
The SAML Enterprise SSO feature is only available for the Enterprise plan, and can only be configured by the Cloudcraft account Owner role.
Head to User → Security & SSO inside Cloudcraft.
The details you need to create a new application with Okta can be found in the Cloudcraft service provider details section.
With this information in hand, head to Okta, log in as an administrator, and click the Applications menu.
Click the Add Application button, and then the green Create New App one.
A new modal window will open; select SAML 2.0 as the sign on method and click the green Create button.
Here we are creating a new application for SAML integration. Enter Cloudcraft as the name of the application, leave everything else as is and click the Next button.
If you prefer to use an app logo, we have one that fit Okta's size restrictions over here.
On the next prompt you will need to configure the SAML integration using the details provided by Cloudcraft.
The fields are mapped like this, with the first one being the label in Okta, and the second one being the label at Cloudcraft.
- Single sign on URL: Assertion Consumer Service URL
- Audience URI: Service Provider Entity ID
Select EmailAddress on the Name ID format dropdown, and proceed to the next screen, picking I'm an Okta customer adding an internal app to answer the question "Are you a customer or partner?".
Now the application is set up in Okta, you can assign your users to it and once you are done, navigate to the Sign On tab.
You will see a blue link under the View Setup Instructions button, where you can download the file required for upload to Cloudcraft. Download the file to a convenient place and log out of Okta.
Head back to Cloudcraft, and upload your config file into the blue dotted box.
Lastly, toggle the SAML Single Sign-On is enabled option. Once you have verified that the SSO login is working as expected, if you prefer to have your users access Cloudcraft only via your identity provider, enable the Strict mode option.
We suggest testing the integration before telling your team about it, just to ensure that everything works as expected.
If you have any questions or trouble with the process, get in touch with our support team and we will be happy to help.