Setting Up Okta SSO

This document outlines the steps required to set up Okta SSO with StepSecurity.

StepSecurity uses AWS Cognito as the service provider for the SSO experience. Please note that StepSecurity-based SSO allows login only when initiated by the service provider.

Setup Instructions

Step 1: Log in to Okta

• Log in to the Okta Admin Console

• Navigate to Applications > Applications from the left sidebar.

Step 2: Create App Integration

• Click on Create App Integration on the Applications page.

Step 3: Choose SAML 2.0

• Select SAML 2.0 as the Sign-in method, then click Next.

Step 4: Configure General Settings

• On the General Settings page:

  • Enter the App name as StepSecurity.

  • Optionally, add the StepSecurity logo:
• Click Next to continue.

Step 5: Configure SAML Settings

• Provide the following values:

  • Single sign-on URL:

    https://login.app.stepsecurity.io/saml2/idpresponse

  • SP Entity ID:

    urn:amazon:cognito:sp:us-west-2_PGbAJDNzx

Step 6: Add Attribute Statement

• Under Attribute Statements, add the following field:

  • email → user.email

Step 7: Save Settings

• Scroll down keeping the default values, then click Next.

Step 8: Provide Feedback

• Optionally, provide feedback. Then click Finish.

Step 9: Share Metadata URL

• After finishing, you will see a screen displaying the Metadata URL.

• Copy the Metadata URL and share it securely with the StepSecurity team.

Step 10: Assign Users

• Under the Assignments tab, add users who should have access to this application.

Step 11: Confirm SSO Setup

Once StepSecurity confirms the SSO setup is complete:

• Users can go to the StepSecurity login page.

• Enter their email address under the Sign in with your corporate ID section.

• They will then be redirected to authenticate via Okta SSO.