This article will walk you through how to configure Braze to use Okta for single sign-on.
Okta connects any person with any application on any device. It’s an enterprise-grade, identity management service, built for the cloud, but compatible with many on-premises applications. With Okta, IT can manage any employee’s access to any application or device.
|Okta turned on for your account||Reach out to your Braze account manager to have this turned on for your account|
|Okta admin privileges||Make sure you have admin privileges before setting up Okta|
|Braze admin privileges||Make sure you have admin privileges before setting up Okta|
|RelayState API key||To enable IdP login, you will first need to create an API key in the Developer Console under API Settings with
Step 1: Configure Braze
Step 1a: Log in to your Braze account and navigate to Security Settings
- Log into your Braze account using an admin account.
- Click on your username and select Company Settings from the dropdown menu. Next, select the Security Settings tab.
- Enable the SAML SSO toggle.
Step 1b: Edit SAML SSO settings
From your Okta Admin dashboard, you will be provided a
Target URL (Login URL) and
x.509 certificate which you must input into your Braze account.
||This will appear as the button text on the login screen. This is typically your IdP name, For example, “Okta”.|
||This is the Login URL provided by Okta Admin dashboard.|
Select Save Changes at the bottom of the page once completed.
Step 2: Configure Okta
Step 2a: Navigate to Okta
In Okta, select the Sign On tab for the Braze SAML app, then click Edit.
Step 2b: Update default RelayState
Enter the RelayState API key with
sso.saml.login permission in the Default Relay State field.
Save these new settings.
If you want your Braze account users to only sign in with SAML SSO, you can restrict single sign-on authentication from the Company Settings page.
Step 3: Log in
You should now be able to log in to Braze using Okta!