Stitch Admin privileges required
Setting up or modifying an existing Okta connection requires Admin privileges in Stitch. Refer to the Team member roles and permissions documentation for more info about privileges in Stitch.
Connect your Okta account to Stitch and enable Single Sign-On (SSO).
Prerequisites
- Admin privileges in Stitch. Refer to the Team member roles and permissions documentation for more info about privileges in Stitch.
- Application Management privileges in Okta that allow you to add and configure applications. If you don’t have these privileges, contact an Okta admin before continuing. Refer to Okta’s documentation for more info.
Step 1: Create and configure an Okta app
Step 1.1: Retrieve your SSO info from Stitch
- Sign into your Stitch account.
- Click User menu (your icon) > Manage Account Settings.
- Scroll down to the Single Sign-on section and click Enable SSO.
- Select Okta from the SSO Provider menu.
- Click Continue.
- The Configure Your Okta SSO page will display.
Leave this page open - you’ll need it to complete the setup.
Step 1.2: Create the app in Okta
- Sign into your Okta account as a user with privileges that allow you to add and configure apps.
- Click Applications > Applications.
- On the Applications page, click Add Application.
- On the Add Application page, click Create New App.
- In the Create a New Application Integration window, fill in the fields as follows:
  - Platform: This should default to Web. Leave it as-is.
  - Sign on method: Select SAML 2.0.
- Click Create.
Step 1.3: Define the app's general settings
A General Settings page will display. Fill in the fields as desired, clicking Next when finished.
Step 1.4: Configure SAML for the app
Next, you’ll configure SAML for the app on the Configure SAML page:
Step 1.4.1: Define the General settings
In the General section, fill in the following fields:
- Single sign on URL: Paste the value from the SSO URL field in Stitch.
- Audience URI (SP Entity ID): Paste the value from the SP Entity ID field in Stitch.
Step 1.4.2: Define the Attribute Statements
Next, you’ll add the required attributes for the app:
# | SAML Attribute Name | Value |
1 | given_name | user.firstName |
2 | family_name | user.lastName |
3 | | user.email |
To add the attributes:
1. Scroll down to the attributes section, located after the Show Advanced Settings link.
2. In the Field name field, enter the SAML Attribute Name of the parameter. For example: given_name
3. In the Value field, select the corresponding Value from the dropdown. For example: user.firstName is the value for the SAML Attribute given_name.
4. Click Add Another to add the next attribute.
5. Repeat steps 2-4 until all attributes have been added.
6. When finished, click Next.
Step 1.5: Save the app configuration
The next page that displays is the Feedback page. You can fill it out, or click Finish if you’ve finished defining the app’s general settings and configuring its SAML.
Step 1.6: Download the app's SAML metadata file
Next, you’ll download your app’s SAML metadata file. This is required to connect your Okta app with Stitch and enable SSO.
After the app has been saved, a page for the app will display in Okta.
- If you’re not in the Sign On tab, click it to navigate there.
- In the Settings section, locate the Identity Provider metadata link and click it. This will open a new tab in your browser with the SAML XML metadata for the app.
- Download/save this page, or copy and paste the XML data from the new tab into a text editor and save it as an .xml file. For example: stitch-sso-saml-metadata.xml
Step 1.7: Grant users access to the app
The last step to configuring the app is to grant access to users in your Okta instance. This ensures that they’ll be able to access Stitch via SSO.
Using the process your organization follows, grant Stitch Okta app access to your colleagues.
Step 2: Connect to Stitch
Navigate back to the page where your Stitch account is open.
- In Stitch, scroll down to the Connect to Stitch section of the Okta setup page.
- Click Upload SAML Metadata.
- Locate and select the SAML metadata file you downloaded in Step 1.6.
Step 3: Activate SSO
When finished, click the Activate SSO button.
Next steps
After you’ve enabled SSO for your Stitch account, remember to grant Stitch access to users in your Okta instance, if you haven’t already.