Setup SSO with Okta

When setting up your SAML connection with Okta, they will ask you for Birdie's Service Provider info, while Birdie will ask you for Okta's Identity Provider info, which might be confusing.

To resolve this, follow these steps in your Okta account:

  1. Create an app in Okta with dummy/random information in the Single sign-on URL and Audience URI (SP Entity ID) fields. You can use "" for both.

  2. Finish creating the app without changing anything further.

  3. Find the app in Okta admin and go to the "Sign On" tab.

  4. There should now be a link on the right-hand side to "View SAML setup instructions."

  5. The "Identity Provider Single Sign-On URL" from that link corresponds to the "Single Sign-On URL" field in the Birdie SSO screen.

  6. The "Identity Provider Issuer" corresponds to the "Entity ID" field in the Birdie SSO screen.

  7. Copy and paste the X.509 Certificate to the Birdie SSO screen.

  8. Return to the Okta app and go to the "General" tab.

  9. Click "Edit" next to the SAML settings section.

  10. Copy the "Service Provider ACS" URL from Birdie and paste it into the "Single sign-on URL" field in Okta.

  11. Copy the "Service Provider EntityID" URL from Birdie and paste it into the "Audience URI (SP Entity ID)" field in Okta.

  12. Leaving the rest of the settings as default worked for our setup.

Last updated