enterprise plans
If your organization is using Okta as an identity provider, you can set up Single Sign-On (SSO) with either OIDC or SAML 2.0. This guide covers both methods of integrating with Okta.
To get the most out of this guide, you must be:
- On an Enterprise plan
- An Organization Admin
There are two main steps to setting up SSO with Builder and Okta:
- Configuring Okta by creating an application integration
- Configuring Builder by adding Okta
1. Go to your Okta Dashboard and expand the Applications section. The URL takes the following format: https://my-org-admin.okta.com/admin/apps/active
.
2. Click Applications.
3. Click the Create Application Integration button.
4. In the dialogue that opens, choose OIDC - OpenID Connect for the Sign-in method.
5. For the Application type, choose the type of application you're developing.
6. Click Next.
7. Name the app integration Builder.io.
8. Add the Builder logo. Click the image below to open the logo in a new tab if needed.
9. For Grant type, select Implicit(hybrid).
10. Add the Sign-redirect URI:
https://builder-3b0a2.firebaseapp.com/__/auth/handler
11. Select an option in the Assignments section according to your needs.
12. Click Save.
13. In General Settings, uncheck Allow Access Token with implicit grant type.
The following video demonstrates this process in Okta:
While in Okta, take note of your Client ID and your Issuer URL, which you need when you configure Builder. They are located as follows and as highlighted in the next image.
- Client ID: Okta Dashboard -> Applications -> General -> Client Credentials.
- Issuer URL: Click on your name in the upper right. Hover over the domain to copy.
To integrate Okta with Builder:
- Go to your Organization Account Settings.
- Click the Pencil icon next to Sign Sign-On.
- For SSO method, choose OpenID Connect.
- Enter a human-friendly display name. This is the name that your users will refer to.
- Enter a Provider ID for the SSO Name field. You'll use this to sign into Builder via a url such as
https://builder.io/login/oidc/demo-org
. - Enter the Client ID that you noted during the Okta configuration. You can find it in your Okta Admin Dashboard -> Applications -> General -> Client Credentials.
- Enter your Issuer URL that you noted during the Okta configuration. Usually, it has the format of your-company.okta.com and you can find it in the menu that displays when you click on your name at the upper right of the Okta dashboard.
Once you've saved the SSO integration, you can test the login flow by logging out and visiting https://builder.io/login/oidc/<your-sso-name>
.
Tip: You cannot use SSO if your browser doesn't support cookies. If you're in an incognito window ensure that cookies are enabled.
You can add the integration to your Okta dashboard so users can sign into Builder directly from Okta:
- Go to the Okta Admin Dashboard -> Applications -> General -> Login.
- Add your SSO name that you configured above in the Initiate login URI field. For example,
https://builder.io/login/oidc/<your-sso-name>
.
The following image illustrates where to add the SSO name:
Looking to hire a third party to help with your project?
Submit a project request and our partnerships team will reach out to connect you with an Expert from our partner ecosystem.