# Configure Okta for sso

### Enable sso in Lineaje application

Keep the EntityID and Callback URL handy

<figure><img src="/files/V1U3wgqheS8cvBRpPqed" alt="" width="563"><figcaption></figcaption></figure>

### Create an application in Okta

* Go to Okta portal and switch to admin mode.
* From the left-hand side navigation pane, go to Applications -> Applications

<figure><img src="/files/sjLiQreGbHhiSJRgbl3a" alt="" width="563"><figcaption></figcaption></figure>

* Click on "Create APP Integration"
* Select SAML 2.0 and click next.
* Enter the app name, say "Demo-Okta-Sample"

<figure><img src="/files/qSz10KrKEjmhUTQcbxxf" alt="" width="563"><figcaption></figcaption></figure>

### Configure SAML in Okta

* Fill the following values into their respective SAML configurations.
  * *Audience URI (Entity ID)* -> Entity ID which you have generated in Lineaje application
  * *Single sign-on URL* -> Post callback URL which you have generated in Lineaje application.
  * Select the Name ID Format as "EmailAddress"

<figure><img src="/files/SvgkW8b4p2CCv44YKQ7Z" alt="" width="547"><figcaption></figcaption></figure>

* Set the Attribute Statements. These attributes will be part of SAML assertion and this is required for Lineaje auth to function.

<figure><img src="/files/OD3UPbwOfEZ4DtiZhUCa" alt="" width="563"><figcaption></figcaption></figure>

* Click on following options and click on Finish. Depending on the version of Okta, there could be slightly different screens shown. Two variations are shown below.

<figure><img src="/files/k8TN2hmB0Y8yEUnSTMiH" alt="" width="557"><figcaption></figcaption></figure>

<figure><img src="/files/LsdRkNMokVMdcq8COY1O" alt="" width="563"><figcaption></figcaption></figure>

### Assign users or groups

* Goto Assignments tab
* Assign individual users or groups to the application.

<figure><img src="/files/vmxAIZLlN7atVdOL0JtC" alt="" width="563"><figcaption></figcaption></figure>

### Follow SAML setup instructions in Okta

* Go to Sign On-> View SAML setup instructions link

<figure><img src="/files/YymXTlyrKPVwK0RsFpMC" alt="" width="563"><figcaption></figcaption></figure>

* Copy the identity provider single sign-on url, download the x.509 certificate

<figure><img src="/files/HA4qgeEtO3JoDHv89rXB" alt="" width="563"><figcaption></figcaption></figure>

### Configure the Lineaje application

* Go back to Lineaje application
* Copy the identity provider single sign-on url in "Sign-in URL"
* Upload the certificate from previous step.

<figure><img src="/files/cnvsHRkpzCd6gq59689e" alt="" width="563"><figcaption></figcaption></figure>

* Proceed with activating Single Sign On(SSO)

<figure><img src="/files/oqAaABa9njyGlj3Ix2hP" alt="" width="540"><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.veedna.com/getting-started/create-an-account/configure-okta-for-sso.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.