Okta

Set up SAML SSO with Okta. See the common values shared across all providers.

Application username format

When prompted, choose the application username format as EMAIL. This is important — Sundial matches users by email.

Steps

1. Go to https://developer.okta.com/.

2. Go to Applications → Applications.

3. Click Create App Integration.

4. Choose SAML 2.0 and click Next.

   

5. Set the App name to Sundial and click Next.

   

6. In Single sign-on URL enter: https://sundial-fe060.firebaseapp.com/__/auth/handler

   • (Optional) Set Application Base URL to https://app.sundial.so/.

7. Enter Audience URI (SP Entity ID) as: Sundial

8. Set Application username to: Okta Username

9. Set Name ID format to: Unspecified

10. Fill the Attribute Statements exactly as below:

    Name	Name format	Value
    email	Unspecified	user.email
    firstName	Unspecified	user.firstName
    lastName	Unspecified	user.lastName
    displayName	Unspecified	user.firstName + " " + user.lastName

    

11. Finish the integration.

Values to send back to Sundial

Once the app is created, collect the values Sundial needs:

1. Go to Applications again and open the Sundial app.
2. On the General tab, copy the Embed Link at the end of the section. This is the SSO URL used to wire up login on Sundial's side.
3. On the Sign On tab, scroll down to SAML Signing Certificates. From the Actions menu of the ACTIVE certificate, provide Sundial with the IdP metadata (it contains the entity ID and certificate required for the integration).