How To Set Up Your Own Okta App (SAML)

Last updated 12/01/2023

Step 1

Log in to your Okta account as an Administrator.

Step 2

In the left navigation, click the Applications dropdown, then click on Applications.

Step 3

On the Applications page, click the Create App Integration button.

Step 4

  • For Sign-on method, select SAML 2.0.
  • Click Next.
Step 4

Step 5

For Application Name, enter your organization’s name. Then, click Next.

Step 5

Step 6

  • For Single sign-on URL enter:

    https://api.breadbutter.io/callback

  • For Audience URI (SP Entity ID) enter your App ID (App ID can be found under Settings in Bread & Butter)
Step 6

Step 7

Click Show Advanced Settings, ensure that the following are set:

  • Response set to Signed
  • Assertion Signature set to Signed
  • Assertion Encryption set to Unencrypted
Step 7

Step 8

Under Attribute Statements (Optional), add the following entries:

  • Name email and value user.email
  • Name first_name and value user.firstName
  • Name last_name and value user.lastName
  • Name uid and value user.id (please note that you will need to type this value, as it is not in the dropdown)

Click Next.

Step 8

Step 9

  • Select I’m an Okta customer adding an internal app
  • Select This is an internal app that we have created.
  • Click Finish.
Step 9

Step 10

  • Go to the Sign On tab and scroll down to SAML Signing Certificates.
  • Click Actions, then View IdP Metadata for the active certificate.
Step 10

Step 11

  • Take note of the entityID as your Identity Provider Issuer.
  • Take note of the Location as your Identity Provider Single Sign-On URL.
  • Take note of the X509Certificate value.
  • Use these values in step 13.
Step 11

Step 12

Go to the Assignments tab and assign your users or groups to this Okta app.

Step 13

Bread & Butter Setup:

  1. Go to https://app.breadbutter.io/sign-in/
  2. Click Sign In and authenticate (or Sign Up make a new account and authenticate).
  3. Go to Settings in the left menu.
  4. Click on the Okta button under SSO Settings > Enterprise Accounts.
  5. Choose SAML for the protocol.
  6. Enter a name.
  7. Enter a description (optional).
  8. Enter the Identity Provider Single Sign-On URL from the Okta setup instructions above.
  9. Enter the Identity Provider Issuer from the Okta setup instructions above.
  10. Enter the X.509 Certificate from the Okta setup instructions above. Do not include -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----.
  11. Click Save.
  12. Enable Okta by clicking the new entry in the Okta Identity Providers list.
Step 13

©2023 Bread & Butter IO Inc. - All Rights Reserved. Privacy policy | Terms of Service

API

Add authentication & API event tracking to your website/app with a script tag & configuration