Create the SAML Application

To get started navigate to the Applications tab of the Okta console.

Click Create App Integration, then select the SAML 2.0 option. Click Next then Give your application a suitable name then click Next.

Configure the SAML Application

Set the Single sign-on URL field to be first_time_setup_config.saml_sso_acs_url from the deployment outputs.

Set the Audience URI (SP Entity ID) field to be first_time_setup_config.saml_sso_entity_id from the deployment outputs.

In Attributes Statements set Name to and Value to user.mail.

Click Next then Finish

You’ll need to assign yourself and other users to the SAML application before you can login.

Setup the SAML SSO provider in your deployment

Copy the Metadata URL from the Sign On tab of your newly created application.

Add the following variables to your Terraform deployment

saml_provider_name    = "Okta"
saml_metadata_is_file = false
saml_metadata_source  = <The SAML metadata URL>

Now, run a deployment:

terraform apply