Configure SSO for Okta

To access PathFactory’s Single Sign On configuration, you must:

  • Be an admin user in PathFactory
  • Contact your CSM or Support to request this feature

Check out the Single Sign On FAQ for more information.

Step 1: Copy Values from PathFactory

  1. In PathFactory, click your username and select Organization Settings.
    imageOrganization Settings menu
  2. Under the Single Sign On tab, select Okta as the configuration type.
    imageSingle Sign On tab
  3. Copy the Audience URI (SP Entity ID) and the Single Sign On URL values from the PathFactory Service Provider Settings.
    imageSingle Sign On tab

Step 2: Configure in Okta

  1. Create a SAML Application.
    You can find detailed steps on how to do so on the Okta website.
  2. In the General Settings step, name the App PathFactory.
  3. In the Configure SAML step:
    • Paste the Single Sign On URL value in the corresponding Single Sign On URL field copied from the Pathfactory Service Provider Settings in PathFactory.
    • Check the box Use this for Recipient URL and Destination URL.
    • Paste the Audience URI (SP Entity ID) value copied from the Pathfactory Service Provider Settings in PathFactory in the Audience URI (SP Entity ID) field.
    • Set the Name ID format to EmailAddress.
    • Set the Application Username to Okta username.


      Configure SAML screen

  4. Finish creating the app in Okta, then click Identity Provider metadata under the Sign On tab to download the metadata as an xml file.
    If you are unable to download the xml file you can download the Okta certificate during the previous step, and copy the Single Sign On URL from the View Setup Instructions link.


    Okta Settings interface

Step 3: Enable in PathFactory

  1. In PathFactory, return to the Single Sign On tab under Organization Settings.
  2. Click Upload File and select the Identity Provide metadata file you downloaded from Okta. The required fields will auto-populate.
    If you copied the Single Sign On URL and downloaded the certificate, you will have to manually paste those values in the Single Sign On URL and Certificate fields.


    Upload File button

  3. Click Save to enable Single Sign On in PathFactory.

Step 4: Adjust Mixed Mode Login Settings

Mixed Mode Login allows selected users the option to login using either SSO or their username and password.

Mixed Mode Login will automatically be enabled for all PathFactory Admin users once you’ve set up SSO, but you may want to disable this ability for some admin users, or enable it for non-admin users.

Updated on March 16, 2023

Was this article helpful?

Need Support?
Can't find the answer you're looking for? Don't worry we're here to help!