Enable SSO With Okta

Enabling Single Sign-On (SSO) with Okta as your identity provider allows you and your teammates to simplify authentication and log-in access to Cloudcraft.

This article will help you get set up if your identity provider is Okta. We have additional articles for other providers.

For more general information on using SSO with Cloudcraft, check out Enable SSO in Your Account.

Setting Up SAML/SSO

The SAML Enterprise SSO feature is only available for the Enterprise plan, and can only be configured by the Cloudcraft account Owner role.

Head to User → Security & SSO inside Cloudcraft.

Security & Single Sign-On

The details you need to create a new application with Okta can be found in the Cloudcraft service provider details section.

Cloudcraft service provider details

With this information in hand, head to Okta, log in as an administrator, and click the Applications menu.

Click the Add Application button, and then the green Create New App one.

Create new application at Okta

A new modal window will open; select SAML 2.0 as the sign on method and click the green Create button.

SAML 2.0 integration

Here we are creating a new application for SAML integration. Enter Cloudcraft as the name of the application, leave everything else as is and click the Next button.

If you prefer to use an app logo, we have one that fit Okta's size restrictions over here.

General SAML settings

On the next prompt you will need to configure the SAML integration using the details provided by Cloudcraft.

The fields are mapped like this, with the first one being the label in Okta, and the second one being the label at Cloudcraft.

  • Single sign on URL: Assertion Consumer Service URL
  • Audience URI: Service Provider Entity ID
SAML settings

Select EmailAddress on the Name ID format dropdown, and proceed to the next screen, picking I'm an Okta customer adding an internal app to answer the question "Are you a customer or partner?".

Click Finish.

Now the application is set up in Okta, you can assign your users to it and once you are done, navigate to the Sign On tab.

Sign on settings

You will see a blue link under the View Setup Instructions button, where you can download the file required for upload to Cloudcraft. Download the file to a convenient place and log out of Okta.

Head back to Cloudcraft, and upload your config file into the blue dotted box.

Uploading metadata to Cloudcraft

Lastly, toggle the SAML Single Sign-On is enabled option. Once you have verified that the SSO login is working as expected, if you prefer to have your users access Cloudcraft only via your identity provider, enable the Strict mode option.

We suggest testing the integration before telling your team about it, just to ensure that everything works as expected.

If you have any questions or trouble with the process, get in touch with our support team and we will be happy to help.