--- title: Okta Configuration | PostGrid description: Step-by-step instructions for creating and configuring a SAML 2.0 app integration in Okta for PostGrid SSO. --- ## Step 1: Create New SAML 2.0 Application 1. Log in to your **Okta Admin Dashboard** 2. Navigate to **Applications** -> **Applications** 3. Click **Create App Integration** 4. Select **SAML 2.0** as the sign-in method 5. Click **Next** ![Okta Create App Integration dialog with SAML 2.0 selected as the sign-in method](/_astro/01-image.C1jjCLsv_1AwxUE.webp) --- ## Step 2: Configure General Settings 1. Enter your application details: - **App name**: PostGrid SSO (or your preferred name) - **App logo**: (Optional) Upload your organization’s logo - **App visibility**: Configure as needed for your organization 2. Click **Next** to proceed to SAML settings --- ## Step 3: Configure SAML Settings ### A. Enter PostGrid URLs Using the URLs provided by PostGrid, configure the following fields: 1. **Single sign-on URL**: - Paste the URL provided by PostGrid - Example format: `https://postgrid.us.auth0.com/login/callback?connection=...` - ✅ Check the box: **“Use this for Recipient URL and Destination URL”** 2. **Audience URI (SP Entity ID)**: - Paste the Audience URI provided by PostGrid - Example format: `urn:auth0:postgrid:okta-saml-pg-dashboard-46185598` ![Okta SAML settings form showing the Single Sign-On URL and Audience URI fields filled with PostGrid-provided values](/_astro/02-image.CbT1fFuR_1hRbpb.webp) ### B. Configure Default SAML Settings Leave the following fields with their default values: ![Okta SAML settings showing default values for Name ID Format, Application Username, and other base configuration fields](/_astro/03-image.S90tzjwE_4p3Q0.webp) ## Step 4: Configure Attribute Statements (Recommended) Attribute Statements allow PostGrid to receive user details like name and email from Okta, enabling better user identification and personalization. **Why this is recommended**: Passing user details eliminates the need for users to re-enter their information and improves the PostGrid experience. Configure the following attributes: ![Okta Attribute Statements section with rows mapping user attributes like email and name to PostGrid fields](/_astro/04-image.BxpvWqRM_Z1zL7f3.webp) **Tip**: Click **Add Another** to add additional attribute rows if needed. ## Step 5: Complete Feedback and Create Application 1. Select the appropriate feedback option based on your use case: - “I’m an Okta customer adding an internal app” - “I’m a software vendor. I’d like to integrate my app with Okta” 2. Click **Finish** to create the application ## Step 6: Assign Users to the Application Once your application is created, assign Okta users to enable their access to PostGrid. 1. Navigate to the **Assignments** tab 2. Click **Assign** > **Assign to People** or **Assign to Groups** 3. Select users/groups who should have PostGrid access 4. Click **Done** **Important**: Users must be assigned to this application before they can sign in to PostGrid via SSO. For detailed instructions on how to assign users or groups to your application, refer to the official Okta documentation: **[Assign app integrations - Okta Documentation](https://help.okta.com/en-us/Content/Topics/Apps/apps-assign-applications.htm)** ## Step 7: Retrieve SAML Configuration Details Retrieve SAML Configuration Details PostGrid will require: 1. **Sign In URL** 2. **X509 Signing Certificate** To find these details: 1. Navigate to the **Sign On** tab in your PostGrid SSO application 2. Find and click the link **“View SAML setup instructions”** ![Okta Sign On tab for the PostGrid SSO application showing the View SAML setup instructions link](/_astro/05-image.CAabcTub_SDfof.webp) ## Step 8: Review the Configuration Details Below is an example of the details you’ll see: - **Identity Provider Single Sign-On URL** - **Identity Provider Issuer** - **X.509 Certificate** (with Download certificate option) ![Okta SAML setup instructions page showing the Identity Provider SSO URL, Issuer, and X.509 Certificate to share with PostGrid](/_astro/06-image.Bkj71tYs_1xKTuz.webp) ## Step 9: Forward Information to PostGrid Please forward this information to either your account manager or a PostGrid engineer working with your team. **Best practice**: For the certificate, simply forward the file. **Additional requirement**: Please provide the email domain for which all logins will be scoped. This can be either one domain or a comma separated list. **Contact**: or