Skip to main content

Okta SSO Setup Guide (SAML)

Use this guide to enable Single Sign-On (SSO) using the SAML 2.0 protocol for an individual Alteryx One workspace using Okta.

Required Permissions

To enable SSO with Okta, you must satisfy these requirements:

  • Be a user on a Professional or Enterprise Alteryx One plan.

  • Have a Workspace Admin role assigned to you.

  • Have administrative access in the target Okta instance.

Okta Setup

Follow these steps to create an OIDC app integration in Okta:

注意

Do not enable Assertion Encryption in Advanced Settings. Alteryx One does not support assertion encryption and instead uses HTTPS to protect SAML payloads.

注意

Do not enable Signed Requests in Advanced Settings. Okta’s signature verification for requests is incompatible with Alteryx One.

  1. Sign in to your Alteryx One workspace.

  2. Go to Profile menu > Workspace Admin > Single Sign-On.

  3. Under Protocol, select SAML.

  4. Note and copy the prepopulated Assertion Consumer Service URL. You will use this later.

  5. Note and copy the prepopulated Service Provider Entity URL. You will use this later.

  6. Sign in to your Okta Portal as an administrator.

  7. Select Create App Integration.

  8. Select SAML 2.0.

  9. In the App Name field, enter a name for your app. For example, the name of your Alteryx One workspace.

  10. Select Next.

  11. Under General, in the Single sign on URL field, paste the Assertion Consumer Service URL value you copied from your Alteryx One workspace.

  12. Under General, in the Audience URI (SP Entity ID) field, paste the Service Provider Entity ID value you copied from your Alteryx One workspace.

  13. Under Attribute Statements (optional), in the Name field, enter email.

  14. Next to the Name field, in the Value dropdown, select user.email.

  15. Select Next.

  16. Select the I'm an Okta customer adding an internal app option.

  17. Select Finish.

  18. From the app page, go to Sign On > Settings > Metadata Details and then note and copy the Metadata URL. You will use this later.

Alteryx One SSO Setup

Return to your Alteryx One workspace and then follow these steps:

Configure SSO

  1. Go to Profile menu > Workspace Admin > Single Sign-On.

  2. Under Protocol, select SAML.

  3. In the Email Mapping SAML Attribute field, enter email.

  4. In the Metadata URL field, paste the Metadata URL value you copied from Okta.

  5. Select Import From URL. Multiple fields should auto-populate.

  6. Select SaveAlteryx One redirects you to the Test Connection page.

  7. Select View Configuration Details.

  8. Note and copy the prepopulated Relay State URL. You will use this later. 

  9. Go back to the application in the Okta Portal.

  10. Go to General > SAML Settings and then select Edit.

  11. Go to Default Relay State and then paste the Relay State URL value you copied from your Alteryx One workspace.

  12. Select Save.

Test Connection

  1. Return to your Alteryx One workspace.

  2. Select Test Connection. A dialog then opens, prompting you to sign in to verify the integration.

  3. Enter your Okta credentials if you aren't already signed in. The dialog automatically closes if the integration has been verified.

Enable SSO

  1. Select Enable SSO.

  2. Select Confirm. Once enabled, users can only sign in to the workspace using their Okta credentials.