apps/docs/content/guides/integrate/identity-providers/okta_saml.mdx
import GeneralConfigDescription from './_general_config_description.mdx';
import Intro from './_intro.mdx';
import CustomLoginPolicy from './_custom_login_policy.mdx';
import IDPsOverview from './_idps_overview.mdx';
import Activate from './_activate.mdx';
import PrefillAction from './_prefill_action.mdx';
import TestSetup from './_test_setup.mdx';

<Intro components={props.components} provider="OKTA"/>

To create the application in OKTA, we need the provider ID from ZITADEL.
As an alternative you can add the SAML identity provider through the API, either on the default settings or on a specific organization:
After you have created the SAML provider in ZITADEL, you can copy the URLs you need to configure in your OKTA application.

OKTA-DOMAIN/admin/apps/active

To send the user data from OKTA to ZITADEL, you have to add some attribute mappings in your SAML Settings. You can define the names yourself; just make sure you use the same names later in the ZITADEL Action we will add.
Add the following three mappings:
| Name | Name format | Value |
|---|---|---|
| givenname | Basic | user.firstName |
| surname | Basic | user.lastName |
| emailaddress | Basic | user.email |
To allow users to authenticate with that app, go to the "Assign" tab.
You are now finished with the settings in OKTA and you can switch back to your identity provider settings in ZITADEL.
Add the metadata URL you saved earlier from OKTA to the Metadata URL field. As soon as you have saved the provider and look at its details, you should see the Metadata Xml field filled.
If you prefer changing the settings through the API you can update the SAML provider on the default settings or a specific organization:
You can also fill the optional fields if needed:
<GeneralConfigDescription components={props.components} provider_account="OKTA account" />

https://github.com/zitadel/actions/blob/main/examples/okta_saml_prefil_register_form.js
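
The prefill Action depends on the three attribute mappings arriving under the names from the table above, so it helps to check the `AttributeStatement` of an assertion from a test login before debugging the Action itself. The following is an added example, not part of the ZITADEL docs or the linked Action; the function names and the sample assertions are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = "urn:oasis:names:tc:SAML:2.0:assertion"
BASIC = "urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
UNSPECIFIED = "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"
EXPECTED = ("givenname", "surname", "emailaddress")  # names from the mapping table


def check_attribute_statement(xml_text):
    """Return a list of problems; an empty list means all three mappings arrived."""
    # A SAML assertion never needs a DTD; refuse one instead of parsing entities.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("unexpected DTD or entity declaration")
    found = {}
    for attr in ET.fromstring(xml_text).iter(f"{{{NS}}}Attribute"):
        values = [(v.text or "").strip() for v in attr.findall(f"{{{NS}}}AttributeValue")]
        found[attr.get("Name")] = (attr.get("NameFormat"), values)
    problems = []
    for name in EXPECTED:
        if name not in found:
            # The Action must use the same name OKTA sends, so report near misses.
            near = [n for n in found if n and n.lower() == name]
            hint = f" (found {near[0]!r}, name must match exactly)" if near else ""
            problems.append(f"{name}: missing{hint}")
            continue
        name_format, values = found[name]
        if name_format != BASIC:
            problems.append(f"{name}: NameFormat is {name_format!r}, expected Basic")
        if not any(values):
            problems.append(f"{name}: no non-empty value")
    return problems


def build_sample(rows):
    """Constructed AttributeStatement from (name, name_format, value) rows."""
    body = "".join(
        f'<saml:Attribute Name="{n}" NameFormat="{f}">'
        f"<saml:AttributeValue>{v}</saml:AttributeValue></saml:Attribute>"
        for n, f, v in rows
    )
    return f'<saml:AttributeStatement xmlns:saml="{NS}">{body}</saml:AttributeStatement>'


# Constructed samples, not captured from a real OKTA tenant.
GOOD = build_sample([("givenname", BASIC, "Ada"), ("surname", BASIC, "Lovelace"),
                     ("emailaddress", BASIC, "ada@example.com")])
BAD = build_sample([("givenName", BASIC, "Ada"), ("surname", UNSPECIFIED, "Lovelace"),
                    ("emailaddress", BASIC, "")])

if __name__ == "__main__":
    for label, sample in (("GOOD", GOOD), ("BAD", BAD)):
        print(label, check_attribute_statement(sample) or "ok")
```

This only inspects attribute names, name formats and values; it does not validate the assertion's signature, which remains the job of the service provider.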