Skip to main content
Version: Current

Okta single sign-on (SSO) - SAML

Set up SAML-based Okta authentication to enable secure single sign-on for your Zudello environment. This guide explains how to configure the required SAML application settings and user assignments in Okta.

Zudello uses Zitadel as our authentication provider. Your Zudello implementation consultant will set up the initial connection within Zitadel and provide you with the specific URLs needed for configuration.

Best practices

To ensure smooth authentication setup:

  • Use clear application names
  • Configure attribute mappings before assigning users
  • Test with a limited user group first
  • Save configuration details securely
  • Review user assignments regularly

Creating your Okta SAML application

To set up Okta SSO for your Zudello team, you will need to:

  1. Create a new SAML application
  2. Configure single sign-on settings using Zudello-provided URLs
  3. Set up attribute statements
  4. Assign users to the application
  5. Provide metadata information to Zudello

Creating a new SAML application

  1. Log in to your Okta account and go to the applications list: your-okta-domain/admin/apps/active
  2. Click Create App Integration
  3. Select SAML 2.0
  4. Name the application Zudello
  5. Click Next
  6. Paste the URLs provided by Zudello:
    • Single sign-on URL: Paste the ZITADEL ACS Login Form URL
    • Audience URI (SP Entity ID): Paste the ZITADEL Metadata URL

  1. Save the configuration
  2. Copy the metadata URL from the details
Important note

Please save the metadata securely before proceeding.
You will need to provide this to Zudello once you have completed all steps.

Setting up attribute statements

To send the user data from Okta to Zitadel you have to add some attribute mappings in your SAML Settings.

Add the following three mappings to the Attribute Statements table:

NameName formatValue
givennameBasicuser.firstName
surnameBasicuser.lastName
emailaddressBasicuser.email

Assigning users to the application

To allow users to authenticate with the newly created app go to the Assign tab:

  1. Click the Assignments tab
  2. Click Assign
  3. Select Assign to People

  1. Select all users who should have access to Zudello

Completing implementation

Once you have completed the above steps, please securely provide the following information to your Zudello implementation consultant or support@zudello.com:

  • Metadata URL (from step 7 above)

To ensure your information is kept confidential, use a secure password sharing tool like 1Password or LastPass.

Zudello will complete the SSO configuration on our side and notify you when testing can begin.

Testing the configuration

After Zudello has completed the remaining configuration, we will notify you that testing can begin.

To test the Okta SSO:

  1. Open an incognito or private browser window
  2. Navigate to https://app.zudello.io
  3. Enter your email
  4. Click Next
  5. Okta SSO will take over the login process from here
  6. Once you have logged in through Okta, you will directed back to the Zudello app

Need help?

Contact your organisation administrator or Zudello support for assistance with Okta SAML authentication setup.