# SSO: Okta SAML Integration set-up

## Configure the SAML integration

{% stepper %}
{% step %}
On your Okta account, go to the admin settings [http://{your-workspace}-admin.okta.com](about:blank)
{% endstep %}

{% step %}
On the left panel, click on **Applications** > **Applications** > [**Create App Integration**](#user-content-fn-1)[^1]
{% endstep %}

{% step %}
Create a new application integration by selecting **SAML2.0,** then go **Next**

Complete each step as follows:

1. **General Settings**

| **App name**            | AB Tasty                                                                         |
| ----------------------- | -------------------------------------------------------------------------------- |
| **App logo (optional)** | <https://www.abtasty.com/wp-content/uploads/2024/03/ABTasty_Marque_Blue_150.png> |

2. [**Configure SAML**](#user-content-fn-2)[^2]

| **Single Sign on (url)**            | [Retrievable from your AB Tasty SSO configuration module on AB Tasty as **ACS URL**](#user-content-fn-3)[^3]    |
| ----------------------------------- | --------------------------------------------------------------------------------------------------------------- |
| **Audience URI (SP Entity ID)**:    | [Retrievable from your AB Tasty SSO configuration module on AB Tasty as **Entity ID** ](#user-content-fn-4)[^4] |
| **Default Relay State (optionnal)** | should be left empty                                                                                            |

<table data-header-hidden><thead><tr><th></th><th></th></tr></thead><tbody><tr><td><strong>Name ID format</strong></td><td><pre><code>EmailAddress
</code></pre></td></tr><tr><td><strong>Application user name</strong></td><td><pre><code>Email
</code></pre></td></tr><tr><td><strong>Attribute Statements (optional)</strong></td><td><pre><code>Name: mail
</code></pre><pre><code>Value: user.email
</code></pre></td></tr></tbody></table>

3. **Feedback**

Select the following answers:

|                                    |                                              |
| ---------------------------------- | -------------------------------------------- |
| **Are you a customer or partner?** | I'm an Okta customer adding an internal      |
| **App Type**                       | This is an internal app that we have created |
| {% endstep %}                      |                                              |

{% step %}
Click on **Finish.**
{% endstep %}
{% endstepper %}

## Get metadata.xml file <a href="#h_01ge6x67katrqynf1nd1hv5vjs" id="h_01ge6x67katrqynf1nd1hv5vjs"></a>

### **SAML signing certificates**

{% stepper %}
{% step %}
Go back to the **App settings.**
{% endstep %}

{% step %}
Click on the **Sign On** tab.
{% endstep %}

{% step %}
Scroll down to the **SAML Signing Certificates** section.
{% endstep %}

{% step %}
Make sure the current certificate is **Active**
{% endstep %}

{% step %}
Click on **Actions**>**View IdP metadata**

Your metadata.xml file is created.

[You can now import it on AB Tasty](broken://pages/dDNu2qhPBX0befui510V#set-up-your-sso).&#x20;

{% endstep %}

{% step %}
Save the file named **yourcompany.xml.**
{% endstep %}

{% step %}
Once the configuration is done, use the metada.xml along with your testing credential to [configure the SSO on your AB Tasty account](broken://pages/dDNu2qhPBX0befui510V).
{% endstep %}
{% endstepper %}

{% hint style="info" %}
If you can’t create those testing credentials, ask your CSM to plan a screen-shared video call to activate the QA and login with SSO on your AB Tasty account.
{% endhint %}

### **User assignments**

This section will allow access to **abtasty-idp** for a single user or a group:

{% stepper %}
{% step %}
On your Okta account, go to the admin settings [http://{your-workspace}-admin.okta.com](about:blank)
{% endstep %}

{% step %}
On the left panel, click on **Applications** > **Applications** > **Assign**&#x20;
{% endstep %}

{% step %}
Select **Assign to people** for a single user access, or **Assign to group** to grant access for a previously created group.
{% endstep %}

{% step %}
Use the search bar to find the targeted user or group
{% endstep %}

{% step %}
Click **Assign** beside every entity you want to grant access.
{% endstep %}

{% step %}
To save the selection and grant SSO access, click **Done**.
{% endstep %}
{% endstepper %}

[^1]: ![](/files/FKzFOzNJt1Q62xE62bJY)

[^2]: ![](/files/bvQ3xunOT0kXDeGbUaf5)

[^3]: ![](/files/o724fb75ZD4RzR9jtxQw)

[^4]: ![](/files/0yGLOKvmc56oUJ3s1LUF)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.abtasty.com/account/performance-and-security/how-to-set-up-the-sso/sso-okta-saml-integration-set-up.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.