Single Sign-On (SSO) with Okta
You can enable Single Sign-On for the Pexip apps by integrating the Pexip Service with Okta.
Your account manager at your local certified Pexip Partner needs to open a ticket with the Pexip Support team using the Single Sign-On (SSO) Setup Request form, and you need to supply your partner with details of your Okta application.
Note that:
- SSO for the Pexip apps is only available for Enterprise User License customers with a minimum of 10 user licenses, and is not available for trials.
- There is no synchronization with the SSO service. It supports sign-in only; company administrators still need to initiate user invitations.
This article explains the steps you (the customer company administrator) need to perform:
-
Create a custom SAML app integration in Okta as described in this Okta article.
The flow is shown below.
-
Select
. -
Select SAML 2.0.
-
Enter an App name, for example "Pexip SSO".
-
Configure the SAML settings:
- Single sign-on URL: this is the Pexip Assertion Consumer Service — https://api.vp.vc/api/auth/v1/saml/response
- Audience URI (SP Entity ID): this is the Pexip Entity ID — https://api.vp.vc/api/auth/v1/saml
All of the other values under SAML settings are optional.
-
-
After completing the SAML wizard you need to assign users or groups to the newly created application.
-
Go to the
tab and in the bottom right-hand corner select . -
This takes you to a new tab that provides you with all of the values and certificate information that you need to give to your Pexip partner:
- Identity Provider Single Sign-On URL
- Identity Provider Issuer
- X.509 Certificate
Pexip support will then enable your organization for SSO, and the users/groups you have added to the application will be enabled to use SSO.