SAML Setup for Okta
Configure Okta for SAML SSO
SSO is currently in beta for Business account users. If you would like to SSO enabled for your account please let us know at [email protected]​
This guide will set up a custom Okta SAML Application that will allow your users to login to Hava. These steps can be followed for most SSO identity providers, though the field names may be different. Custom apps will be coming soon.
    1.
    Log into Hava and head to your Account Settings. From there select SSO Config, then click SAML on the protocol selection page. This will show you the Service Provider values you will need to enter into Okta
    2.
    Log into Okta and click Applications β†’ Create App Integration
    3.
    Select SAML 2.0 and click Next
    4.
    Name the app Hava and click Next
    5.
    Use the Service Provider values from the Hava SSO SAML section to complete the fields on this page:
      1.
      Single Sign on URL is Assertion Consumer Service URL
      2.
      Audience URI is Issuer (Entity ID)
      3.
      Default RelayState is also Issuer (Entity ID)
      4.
      Name ID format is set to EmailAddress
    6.
    Leave the rest as is and click Next
    7.
    Select Okta customer and click Finish
    8.
    Click View Setup Instructions to see the information required for Hava
    9.
    Head back to the Hava SSO SAML config page and select Add SAML Config
    10.
    Enter the config values from the Okta setup instructions:
      1.
      Identity Provider Entity ID is Identity Provider Issuer
      2.
      Identity Provider SSO URL is Identity Provider Single Sign-On URL
      3.
      Public x509 Certificate is X.509 Certificate
    11.
    Click Save to complete the setup
You can now either test the login via your Okta App page, or by heading to the Login URL displayed in the Service Provider details in Hava. Once you have confirmed the configuration works you can then Enable your provider to limit logins to SSO only for your account.
Last modified 20d ago
Copy link