Skip to main content

Okta single sign-on (SSO)

tip

Okta Single Sign-On (SSO) for Propel Console is available for customers with Propel Enterprise. See pricing or talk to sales for more details.

Okta configuration​

This guide covers configuring your Okta identity provider with Propel for single sign-on to Propel Console.

1. Create a new app integration​

Once you've logged into the Okta Admin console, you will need to create a new app, this can be done by navigating to "Applications" → "Applications" then click the button "Create App Integration".

A screenshot showing how to create a new app integration in Okta.

2. Create a new SAML App Integration​

Choose "SAML 2.0":

A screenshot showing the selection of SAML 2.0 as the sign-on method for a new app integration in Okta.

3. General settings​

Enter "Propel" for the "App name" and if you'd like to add the Propel logo you can download it here

A screenshot showing the general settings for creating a new SAML integration in Okta, including app name and logo upload.

4. SAML settings​

Copy and paste the value below for "Single sign-on URL" as seen in the image:

https://idp.propeldata.com/saml2/idpresponse

Copy and paste the value below for "Audience URI (SP Entity ID)" as seen in the image:

urn:amazon:cognito:sp:us-east-2_xJZCRvbM3

Add the values from the table to the "Attribute Statements (optional)":

NameName FormatValue
emailUnspecifieduser.email
nameUnspecifieduser.displayName

A screenshot showing the SAML settings configuration for Propel in Okta, including Single sign-on URL, Audience URI, and Attribute Statements.

5. Feedback​

Choose "I'm an Okta customer..." and then click the "Contact App vendor" checkbox:

A screenshot showing the feedback section when creating a new SAML app integration in Okta.

6. Metadata​

caution

You must copy the Metadata URL and send this to Propel via your shared Slack channel.

A screenshot showing the Metadata URL for the SAML configuration in Okta.

7. Create an Okta Bookmark​

After Propel has received your Metadata URL from step 6 and completed the necessary configuration, customer support will provide a URL that can be used to create an Okta Bookmark. Propel's current authentication provider does not support IdP-initiated SSO.

A screenshot showing how to create a new Okta bookmark app.

A screenshot showing how to add a new app integration in Okta.

Enter the URL that you received from customer support:

A screenshot showing the URL configuration for the Okta bookmark app.

Managing users​

Once you have set up SAML with Okta, you'll need to manage user access to Propel. This section covers how to add users, guide them through the login process, and remove access when necessary.

Adding a user​

To add a user you need to:

  1. Add the user to the Okta app "Propel":

    • Log in to your Okta admin dashboard.
    • Navigate to the "Applications" section.
    • Find and select the "Propel" application.
    • Click on the "Assignments" tab.
    • Use the "Assign" button to add the user to the application.
  2. Guide the user to log in to the Propel Console:

    • Provide the user with the Propel Console login URL: https://console.propeldata.com/login.
    • Instruct the user to enter their email address associated with their Okta account.
    • The user should then be redirected to Okta for authentication.
    • Upon successful authentication, they will be granted access to the Propel Console.

Note: Ensure that the user's email address in Okta matches the one they use to log in to the Propel Console.

Logging in to the Propel Console​

To login to the Propel Console, you need to:

  1. Navigate to https://console.propeldata.com/login.
  2. Enter the email address of the user.
  3. Click the "Login" button.
caution

When using Okta for authentication with Propel, you must initiate the login process from Propel's login page. Clicking the "Propel" bookmark in the Okta portal will not work. Always navigate directly to Propel's login page to access your account.

Removing a user​

To remove a user's access to Propel, follow these steps:

  1. Remove the user from the Okta app "Propel":

    • Log in to your Okta admin dashboard.
    • Navigate to the "Applications" section.
    • Find and select the "Propel" application.
    • Click on the "Assignments" tab.
    • Locate the user and click "Unassign" to remove them from the application.
  2. Remove the user from the Propel Console:

    • Log in to the Propel Console.
    • Navigate to the Users section.
    • Find the user you want to remove.
    • Click on the options menu (usually represented by three dots) next to the user's name.
    • Select "Delete user" to delete the user from Propel.
  3. Verify access removal:

    • The user will no longer be able to log in to the Propel Console using their Okta credentials.
    • Any active sessions for this user will be terminated.

Note: It's important to perform both steps to ensure complete removal of access. Removing the user from Okta prevents future logins, while removing them from the Propel Console ensures they no longer have an account within Propel's system.