# SSO with Okta ### Overview [Okta](https://www.okta.com) is an identity and access management platform that provides SSO solutions for organizations. It allows users to access multiple applications and services using a single set of credentials, aiming to simplify the user authentication experience. Okta operates on a **cloud platform** and **supports SAML 2.0**. This guide outlines the steps to configure SSO using **Okta**. {% hint style="info" %} You must be an **Account Owner** or **Administrator** on ComplyCube and have **administrative permission** on Okta to set up SSO. {% endhint %} {% hint style="info" %} **ComplyCube** does not send an email confirmation when the SSO setup is complete. {% endhint %} ### Setup steps {% stepper %} {% step %} #### Create an Okta account The first step is to [create an account](https://www.okta.com) with Okta. When this guide was written, Okta offered a **free trial account** to assist with the initial setup. You can follow their instructions to register an account and download their app on your phone to complete the setup. {% endstep %} {% step %} #### Add integration to Okta and configure **SAML-based SSO** Once your account is set up, log in and click **Admin** to switch to Admin mode.

In admin mode, click **Applications → Create App Integration**.

Select **SAML 2.0** as the sign-in method.

Add the App name "**ComplyCube**", then click **Next**.

Copy the **Audience** and **ACS Consumer URL** values from your ComplyCube [SSO settings page](https://portal.complycube.com/settings/sso) onto the SAML Settings of the application in Okta. Also, as shown in the image below, please ensure the following **Attribute Statements** are mapped in Okta - '***firstName***', '***lastName***', and '***email***', as they will be used to update the user profile details in ComplyCube on every sign-in.

Click **Next**, then **Finish**. {% endstep %} {% step %} #### People and group assignments Once the application is added, the next step is to assign **people** or **groups** to that application. We recommend that assignments be made at a group level. First, add the individual user to your Okta directory, **Directory → People**. Upon adding your users, you can create a group, **Directory → Group**, and assign the individuals to the group. Now, navigate to the application, **Applications → ComplyCube**, click on **Assignments**, and assign your group.

{% endstep %} {% step %} #### Update SSO settings in ComplyCube Finally, navigate to your ComplyCube [SSO settings page](https://portal.complycube.com/settings/sso), update the **Sign-In URL,** and upload your **Signing Certificate** (i.e., X.509 certificate). You can find the **Sign-In URL** in Okta — **Applications → ComplyCube**. On the **General** tab, copy the **Embed Link** and paste it into ComplyCube. Then click the **Sign On** tab and scroll to the bottom to find the **Signing Certificates**. Download the **SHA-2** certificate, upload it into ComplyCube, and save your settings.

{% endstep %} {% endstepper %} That's it. You can now sign in to the ComplyCube Web Portal using SSO through Okta. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.complycube.com/documentation/access-management/single-sign-on-sso/sso-with-okta.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.