Introduction to Okta SSO
This guide will walk you through the steps necessary to allow your team to sign in to Courier with Okta.
Prerequisites
An Okta account with Admin privileges.
Each user must be invited to courier via email before they can log in with Okta.
Some of these steps require information to be received from and sent to courier. Before continuing, contact Courier support and ask for assistance in setting up Okta Sign in.
Set Up
Navigate to the Applications > Applications section of the Okta admin panel
Hit the "Create App Integration Button":
Create App Integration button.
Select SAML 2.0 and hit "Next"
Enter "Courier" as the app name and optionally provide the Courier logo (available after the screenshot) then click "Next"
Courier Logo
Contact courier support for a
Single sign on URLand anAudience URI. Enter them in their respective fields under SAML settings.
SSO URL and Audience URI fields
Under the "Attribute Statements" section, enter the following information:
Name:
idValue:user.idName:
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddressValue:user.email
(Name format can be left asUnspecified)
Okta attribute statements.
Hit the "Next" button towards the bottom of the page
Under the "Application Feedback" section, select "I'm an Okta customer adding an internal app" and hit "Finish":
Okta feedback form
From the "Sign On" tab of the new Courier application integration, find the
Identity Provider metadatahyperlink. Copy the link address and send it to the Courier support team member
Identity Provider metadata link
That's all thats needed to allow sign in with Okta. Be sure to assign users using the Assignments tab within the Courier App Integration of the Okta admin panel.