Please note: this feature is in alpha and needs to be activated by Ably for your account. Please contact us if you would like to try it.
SAML single sign-on (SSO) makes it possible for your Ably enterprise account members to authenticate through an identity provider (IdP) of your choice. To get started, you’ll need to set up a connection with your IdP.
Follow these steps to connect your account with Okta:
- Login as the owner of the enterprise account for which you want to enable SSO.
- Navigate to the Ably → Account Settings page.
- Scroll down to the Authentication Settings section and toggle on the Enable Single Sign-On? option. An SSO settings form is displayed. Take note of the Single sign on URL and Audience URI values as these will be required in the next step.
- Follow the official Okta guideto enable SSO from Okta for the Ably application. Additional notes:
- Upload Ably logo;
- For the Name ID format field select the EmailAddress option;
- For the Application username field select the Email option;
- Ably requires users to present their full name. Okta can share user profile fields such as first name and last name values out as SAML attributes:
- Remember to assign users to the newly created Okta application.
- Locate the Identity Provider metadata provided by Okta for the new Ably application and navigate back to the Ably → Account Settings page.
- Complete the form with the provided by Okta values for:
- Identity Provider Single Sign-On URL
- Identity Provider Issuer
- X.509 Certificate
- Click on Save authentication settings
