Skip to main content

Check out Port for yourselfย 

Okta

Follow this step-by-step guide to configure the integration between Port and Okta using a SAML application.

Port support

To complete the process, you will need to contact us to receive the necessary information and provide the details Port requires from you.

The Port team will provide you with your CONNECTION_NAME, which will be used in the SSO application's configuration.

Port-Okta integration benefitsโ€‹

  • Connect to the Port application via an Okta app.
  • Your Okta groups will be automatically synced with Port upon a user sign-in.
  • Set granular permissions on Port according to your Okta groups.

Register a new application and generate the required credentialsโ€‹

  1. Sign in to your Okta Admin Console.

  2. Navigate to Applications and click on Applications again.

  3. Click on the Create App Integration button.

  4. In the pop-up, select SAML 2.0 and click on Next.

  5. In the General Settings, enter a name for the application and click on Next.

  6. On the Configure SAML page, under SAML Settings, you will need to fill in some details:

    • Single sign on URL: https://auth.getport.io/login/callback?connection={CONNECTION_NAME}
    • Audience URI (SP Entity ID): urn:auth0:port-prod:{CONNECTION_NAME}

  7. Scroll down to the Attribute Statements (Optional) section and add the following:

    • email, with the Value set to user.email
    • given_name, with the Value set to user.firstName
    • family_name, with the Value set to user.lastName
    • email_verified, with the Value set to true

  8. Click Next and then Finish to create the application.

Generate a Certificate and Send to Portโ€‹

To secure the SAML integration, you need to generate a certificate and send it to Port:

  1. In the Okta Admin Console, navigate to Applications, and select the newly created SAML application.

  2. Go to the Sign On tab and scroll down to the SAML Signing Certificates section.

  3. Click on Generate new certificate.

  4. In the dialog, specify the certificate details such as the name and duration, then click Generate.

  5. After generating the certificate, download it by clicking on the Actions button next to the new certificate and selecting Download certificate. Choose the PEM format.

  6. Send the PEM certificate file along with the Identity Provider metadata URL (available in the Sign On tab) to Port.

Direct access via URL

After configuring the SSO connection, you can initiate the login flow directly via URL.
Use the following URL based on your account region, and make sure to to replace {CONNECTION_NAME} with the value provided to you by Port.

https://auth.getport.io/authorize?response_type=token&client_id=96IeqL36Q0UIBxIfV1oqOkDWU6UslfDj&connection={CONNECTION_NAME}&redirect_uri=https%3A%2F%2Fapp.getport.io

Expose Groupsโ€‹

To expose your Okta groups to Port via the application, follow these steps:

  1. In the General tab of your Okta application, click Edit.

  2. Scroll down to the Group Attribute Statements section.

  3. Add a group attribute using the following settings:

    • Name: groups
    • Filter: Regex
    • Value: Use a regular expression that matches the groups you wish to send to Port (e.g., .* for all groups or a specific pattern).

  4. Save your changes.

These groups will be ingested into Port as teams, enabling you to manage user permissions and RBAC in your Port account.