Setup SSO for ImageKit on Okta
There are two main steps required to set up SSO using Okta on ImageKit:
Okta subscription Although you may use a free developer account on Okta to set up and test the SSO application, having a premium Okta subscription is recommended for seamless role provisioning for your users. Read more here.
First, you need to create an application on Okta and generate an IdP Metadata XML file.
- 2.Navigate to the "Applications" screen using the side navigation menu
- 3.Click the "Create App Integration" button
- 4.In the modal popup that opens, choose the "SAML 2.0" radio button as shown below, then click "Next"
- 5.Input a name for the application, we will use "ImageKit" for this guide, then click "Next"
Create a SAML 2.0 application
Single sign-on method
On the next screen, we will configure various authentication parameters as shown:
Note: Name ID is the unique email address of the user that will be used to identify them on ImageKit.
Basic SAML configuration
Now you need to specify three more keys that ImageKit uses to authorize and provision your users:
Navigate to "Directory > Profile Editor", and create user attributes that will be mapped and sent to ImageKit during authentication.
Attributes and claims
User profile mappings
Back on the SSO application page under the SAML section, ensure that these fields are included correctly in your Okta user object.
SAML attribute statements
Assign the application to users as shown below to finish this step.
Assign app to users
Confirm user profile provisions
Navigate to the SAML setup instructions screen and scroll to the section with the IdP Metadata XML file. Copy and save it in a safe location. You will need to upload this XML file to your ImageKit account in a later step.
Find the IdP Metadata XML
Copy and save the IdP Metadata XML
Enable SSO for all users
If you have administrator privileges on your ImageKit account, you can enable SSO for all the users in your account as follows:
Your users should now be able to use Okta SSO to log into ImageKit.
SSO users would need to initiate their very first login on ImageKit through the ImageKit app by navigating to their end-user dashboard on Okta.
ImageKit SSO login screen
You can disable SSO login for the users on your ImageKit account by deleting the Metadata XML.