Setting Up Okta SSO

This document outlines the steps required to set up Okta SSO with StepSecurity.

StepSecurity uses AWS Cognito as the service provider for the SSO experience.

Setup Instructions

Step 1: Configure SAML Settings

  • In the StepSecurity App, navigate to Admin Console → Security & Auth → Configure SSO → Okta

  • Copy the values displayed here

Step 2: Log in to Okta

  • Log in to the Okta Admin Console

  • Navigate to Applications > Applications from the left sidebar.

Step 3: Create App Integration

  • Click on Create App Integration on the Applications page.

Step 4: Choose SAML 2.0

  • Select SAML 2.0 as the Sign-in method, then click Next.

Step 5: Configure General Settings

  • On the General Settings page:

  • Click Next to continue.

Step 6: Configure SAML Settings

  • Paste the values you obtained from the StepSecurity App into the corresponding fields in Okta

Step 6: Add Attribute Statement

  • Under Attribute Statements, add the following field:

    • email → user.email

Step 7: Add Group Attribute Statements

  • Scroll down to ‘Group Attribute Statements’ and add the following field:

    • Set Name as ‘Groups’

    • Choose Matches regex and enter a regex that selects the groups you want to send.

      • Specific groups: .*groupA.*|.*groupB.*|.*groupC.*

      • All groups: .*

  • This enables StepSecurity’s SCIM-like functionality — for example, you can use Okta groups and map them to roles in the StepSecurity dashboard.
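
Added example (not StepSecurity's or Okta's own code): a Python preview of which group names a Step 7 filter regex would send, plus a check of a SAML AttributeStatement for the `email` and `Groups` attributes configured above. It assumes the filter has to match the whole group name; the group names, the e-mail address and the sample XML are constructed.

```python
import re
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample of the AttributeStatement sent after the two attribute steps.
SAMPLE_STATEMENT = """\
<saml:AttributeStatement xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Attribute Name="email">
    <saml:AttributeValue>alice@example.com</saml:AttributeValue>
  </saml:Attribute>
  <saml:Attribute Name="Groups">
    <saml:AttributeValue>groupA</saml:AttributeValue>
    <saml:AttributeValue>groupA-contractors</saml:AttributeValue>
  </saml:Attribute>
</saml:AttributeStatement>
"""

def groups_sent(filter_regex, user_groups):
    """Preview a filter. Assumption: it must match the whole group name."""
    return [g for g in user_groups if re.fullmatch(filter_regex, g)]

def read_attributes(statement_xml):
    """Return {attribute name: [values]} from a SAML AttributeStatement."""
    root = ET.fromstring(statement_xml)
    attrs = {}
    for attr in root.findall("saml:Attribute", NS):
        values = [v.text or "" for v in attr.findall("saml:AttributeValue", NS)]
        attrs.setdefault(attr.get("Name"), []).extend(values)
    return attrs

def review_statement(statement_xml, intended_groups):
    """List problems: a missing attribute, or a group that was not meant to be sent."""
    attrs = read_attributes(statement_xml)
    problems = []
    if not attrs.get("email"):
        problems.append("missing attribute: email")
    if "Groups" not in attrs:
        problems.append("missing attribute: Groups")
    for group in attrs.get("Groups", []):
        if group not in intended_groups:
            problems.append("unintended group sent: " + group)
    return problems
```

With the substring-style pattern, a group named `groupA-contractors` is sent along with `groupA`, so check the preview before mapping groups to roles in the StepSecurity dashboard.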

Step 8: Save Settings

  • Scroll down, keeping the default values, then click Next.

Step 9: Provide Feedback

  • Optionally, provide feedback. Then click Finish.

Step 10: Share Metadata URL

  • After finishing, you will see a screen displaying the Metadata URL. Copy this URL.

  • In the Okta Admin Console, navigate to StepSecurity app → Sign On → Settings → Edit, then paste the Default Relay State value (copied from the StepSecurity App) into the SAML 2.0 section (for IdP-initiated login).

  • In the StepSecurity App, enter the Email Domains and the Metadata URL obtained from the Okta app, then submit the configuration.

Step 11: Assign Users

  • Under the Assignments tab, add users who should have access to this application.

Step 12: Confirm SSO Setup

  • On the StepSecurity → Security & Auth page, you can test your SSO integration.

  • We have updated your tenant. To verify that the SSO flow is working, follow these steps:

    • Authorize your email address for SSO access: visit https://app.stepsecurity.io/<tenant>/admin-console/members and click Invite Members.

    • Select SSO as the Authentication Type and add your email as an authorized member.

    • Log out of your current StepSecurity session.

    • Go to https://app.stepsecurity.io/login and log in using SSO.

    • Confirm that you can successfully access the dashboard.

  • For additional confirmation, visit https://app.stepsecurity.io/<tenant>/admin-console/sso-test and ensure that all checks on the page are passing.

Step 13: Add Members

You can add members using either:

  • Individual email addresses

  • Okta group synchronization

To sync Okta groups:

  • Ensure Enforce SSO is enabled in StepSecurity

  • In Okta, go to Directory → Groups to view available groups.

In StepSecurity, under Members, add the groups you want to grant access to and click Continue to finish.
