Okta

Okta connects any person with any application on any device. It’s an enterprise-grade, identity management service, built for the cloud, but compatible with many on-premises applications. With Okta, your IT team can manage any employee’s access to any application or device.

Requirements

Requirement	Details
Okta turned on for your account	Reach out to your Braze account manager to have this turned on for your account.
Okta admin privileges	Make sure you have admin privileges before setting up Okta.
Braze admin privileges	Make sure you have admin privileges before setting up Okta.
RelayState API key	To enable IdP login, go to Settings > API Keys and create an API key with sso.saml.login permissions.

Step 1: Configure Braze

Step 1a: Navigate to Security Settings in Braze

After your account manager has enabled SAML SSO for your account, go to Settings > Admin Settings > Security Settings and toggle the SAML SSO section to ON

Step 1b: Edit SAML SSO settings

From your Okta Admin dashboard, you will be provided a target URL (login URL) and x.509 certificate under SAML Signing Certificate which you must input into your Braze account.

Requirement	Details
SAML Name	This will appear as the button text on the login screen. This is typically your identity provider’s name, For example, “Okta”.
Target URL	This is the login URL provided by Okta Admin dashboard.
Certificate	The x.509 PEM encoded certificate is provided by your identity provider. You must copy and paste it into this field.

Select Save Changes at the bottom of the page when completed.

Step 2: Configure Okta

In Okta, select the Sign On tab for the Braze SAML app, then click Edit.

Next, enter the RelayState API key with sso.saml.login permission in the Default Relay State field.

Make sure to save these new settings.

Step 3: Log in

You should now be able to log in to Braze using Okta!