Single Sign-On SAML Integration - Okta

If you have an Enterprise account in Row Zero, you can configure single sign-on (SSO) via SAML 2.0 using your organization's existing Okta SSO provider. Row Zero supports SAML 2.0 for single sign-on with HTTP-POST binding.

Here is the information that you will need to configure a new Row Zero SAML application in Okta:

  1. In the Okta "Admin Console", navigate to "Applications --> Applications" scim okta applications
  2. Click on the "Create App Integration" button: scim okta app integration
  3. Select "SAML 2.0" and click the "Next" button: scim okta app integration saml
  4. In the "Create SAML Integration" page, provide the following:
    • For the "App name" type "Row Zero"
    • Find Upload new logo. You can click this link to download the Row Zero logo, and then upload for "App logo"
    • Leave the "Do not display application icon to users" unchecked
    • Click the "Next" button scim okta saml settings
  5. For the "SAML Settings" - "General" page, provide the following:
    • Leave the "Use this for Recipient URL and Destination URL" checked
    • For "Single sign-on URL" type "https://auth.rowzero.io/login/callback?connection=<CONNECTION_NAME>"
      • Note: You will need to replace CONNECTION_NAME above with an identifier that Row Zero will provide. Contact us when you are setting up your SSO integration and we will give you the CONNECTION_NAME to use.
    • For "Audience URI (SP Entity ID)" type "urn:auth0:rowzero:<CONNECTION_NAME>"
      • Note: Again, replace CONNECTION_NAME with the identifier Row Zero provides.
    • For "Name ID format" provide "EmailAddresses"
    • For "Application username" provide "Email"
    • For "Update application username on" provide "Create and Update"
    • Under Attribute Statement (Optional)
      • For "Name" type "email"
      • For "Name format" provide "Unspecified"
      • For "Value" select "user.email"
      • Click the "Add Another" button
      • For "Name" type "name"
      • For "Name format" provide "Unspecified"
      • For "Value" type "user.displayName"
      • Click the "Add Another" button
      • For "Name" type "email_verified"
      • For "Name format" provide "Unspecified"
      • For "Value" type "true"
    • Click the "Next" button scim okta saml general settings
  6. Click the "Finish" button: scim okta create saml integration
  7. In the "Row Zero" app, under the "Assignments" tab, click on the "Assign" button and select the appropriate users ("Assign to People") and groups ("Assign to Groups"): scim okta saml sso assignments

Once you have configured a Row Zero SAML application in Okta, contact us at Row Zero so that we can finish configuring the SSO integration on our end.

This is the information that we will need from you:

  1. The "Sign on URL" from the SAML application and the "Signing Certificate" from Okta. Do not share this via email or other unsecured means. We will give you a secure way to provide your certificate. scim okta row zero information
  2. Your identity provider domain(s) for login experience (e.g., yourcompany.com)