Single Sign-On (SSO)
Configure Single Sign-On (SSO) for user authentication.
Single Sign-On (SSO) is available for with the teams add-on. See pricing or talk to sales for more details.
Okta configuration
This guide covers configuring your Okta identity provider with Propel for single sign-on to Propel Console.
Create a new app integration
Once you’ve logged into the Okta Admin console, you will need to create a new app:
- Navigate to “Applications” → “Applications”
- Click the button “Create App Integration”
Create a new SAML App Integration
Choose “SAML 2.0” as the sign-on method:
Configure general settings
- Enter “Propel” for the “App name”
- (Optional) Add the Propel logo by downloading it here
Configure SAML settings
-
Copy and paste the following value for “Single sign-on URL”:
-
Copy and paste the following value for “Audience URI (SP Entity ID)”:
-
Add the following values to the “Attribute Statements (optional)“:
Name Name Format Value email Unspecified user.email name Unspecified user.displayName
Provide feedback
- Choose “I’m an Okta customer…”
- Click the “Contact App vendor” checkbox
Copy Metadata URL
You must copy the Metadata URL and send this to Propel via your shared Slack channel. Failure to do so may result in incomplete SSO configuration.
Create an Okta Bookmark
After Propel has received your Metadata URL and completed the necessary configuration:
- Customer support will provide a URL for creating an Okta Bookmark
- Create a new Okta Bookmark app
- Enter the URL provided by customer support
Propel’s current authentication provider does not support IdP-initiated SSO.
Managing users
Once you have set up SAML with Okta, you’ll need to manage user access to Propel. This section covers how to add users, guide them through the login process, and remove access when necessary.
Adding a user
To add a user you need to:
Add user to Okta app
To add a user to the Okta app “Propel”:
- Log in to your Okta admin dashboard.
- Navigate to the “Applications” section.
- Find and select the “Propel” application.
- Click on the “Assignments” tab.
- Use the “Assign” button to add the user to the application.
Guide user to log in
To help the user log in to the Propel Console:
- Provide the user with the Propel Console login URL: https://console.propeldata.com/login.
- Instruct the user to enter their email address associated with their Okta account.
- The user should then be redirected to Okta for authentication.
- Upon successful authentication, they will be granted access to the Propel Console.
Verify email address
Ensure that the user’s email address in Okta matches the one they use to log in to the Propel Console.
Logging in to the Propel Console
To login to the Propel Console, you need to:
Navigate to Propel Console
Navigate to https://console.propeldata.com/login.
Enter email address
Enter the email address of the user.
Initiate login
Click the “Login” button.
When using Okta for authentication with Propel, you must initiate the login process from Propel’s login page. Clicking the “Propel” bookmark in the Okta portal will not work. Always navigate directly to Propel’s login page to access your account.
Removing a user
To remove a user’s access to Propel, follow these steps:
Remove user from Okta app
To remove the user from the Okta app “Propel”:
- Log in to your Okta admin dashboard.
- Navigate to the “Applications” section.
- Find and select the “Propel” application.
- Click on the “Assignments” tab.
- Locate the user and click “Unassign” to remove them from the application.
Remove user from Propel Console
To remove the user from the Propel Console:
- Log in to the Propel Console.
- Navigate to the Users section.
- Find the user you want to remove.
- Click on the options menu (usually represented by three dots) next to the user’s name.
- Select “Delete user” to delete the user from Propel.
Verify access removal
To ensure the user’s access has been completely removed:
- Confirm that the user can no longer log in to the Propel Console using their Okta credentials.
- Check that any active sessions for this user have been terminated.
It’s important to perform both steps to ensure complete removal of access. Removing the user from Okta prevents future logins, while removing them from the Propel Console ensures they no longer have an account within Propel’s system.