Configure SSO with Okta
Okta SSO for Forest Admin
Last updated
Okta SSO for Forest Admin
Last updated
You must have one project in your organization with the plan Forest Admin Pro plan to access this feature.
In your Okta admin dashboard, click Create a new app integration
Select SAML 2.0 and follow the wizard.
Navigate to the Okta application you just created. Click on the Sign On tab, Metadata details section, and copy the Metadata URL
head to Forest Admin, select XML file upload or XML file endpoint and paste the Metadata URL
to the Metadata XML endpoint.
You can perform some tests before enabling it for your whole company..
ACS URL*
Assertion Consumer Service URL is responsible for receiving the SAML response. Check Use this for Recipient URL and Destination URL
https://api.forestadmin.com/api/saml/callback
Audience URI (EntityID)
A globally unique name
forestadmin-OrganizationName
Name ID format
Should be email address used on Forest Admin accounts
Select EmailAddress
Application username
Select Email or let None
Update application username on
Select Create and update
(Optional) Default RelayState
Only useful for
{"organizationName": "<OrganizationName>", "destinationUrl": "organization.projects"}
Check the steps below this if you encounter an issue:
Double check all information (endpoints, certificate expiration dates, etc..)
Make sure the Name ID format
configured on your Identity Provider is the email address used on Forest Admin accounts too