Configure single sign-on (SSO) using Okta

Before you begin, make sure you have an Admin account (Viewer or Contributor)

Step 1: Configure SAML 2.0 for Abstract in Okta.

Search for Abstract in Okta Applications
  1. In Okta, search for “Abstract” on the Applications page. 
  2. Click Add.
  3. While in Okta, locate and record your Metadata URL and Entity ID.

Step 2: Set up SAML single sign-on in Abstract.

  1. Open the Abstract web app.
  2. Go to the Permissions page in the left sidebar.
  3. In the Configure SSO section, enter the Metadata URL and Entity ID you recorded from Okta.
  4. Enter any manual exceptions you might have. Emails listed in the manual exceptions section will bypass SSO and be able to log in with email and password.
    Note: You’ll need to use primary email addresses in the manual exceptions list. SSO activation will fail if the email you list is a user’s secondary email. If that happens, you’ll see an error message with the primary email for the failing account. Add that primary email to the manual exceptions list after you’ve verified you know the user.
  5. Click Test with my Account.
    Note: You may see an error message if one or more users are in multiple Abstract Organizations. You’ll need to ask those users to either leave their other Organizations or create a new account with their company email.
  6. Toggle Activate SSO on. 
  7. Click Save Changes.