SAML and OKTA SSO Configuration

The integration has two steps, one on the Service Provider side and one on the Datarails side.

Step 1 - Datarails

Enforce Login Authorization Method

Admins can define the login authorization method for their organization.

In the new page that opens, find your organization (there may be only one) and click on the three dots ellipsis.
Then from the dropdown choose, Enforce Auth Method For Admins

Select “SAML” method and click the “Save” button
Click Save.
Click on the three dots on the right of the organization, and select Edit SAML Configurations:
Enter the information from the SAML site in the following screen:
Name: Name this SSO
IDP Issue (entityID): Will be popluted automatically. The unique identifier for the Identity Provider (IdP) in a SAML configuration
IDP Medadata URL: The link provided by the Identity Provider that contains all the configuration information the Service Provider needs to set up SAML SSO. For OKTA instructions on creating this link go to Step 2
Click Save

User Login flow

1. In the login screen select the SAML button
2. Fill the domain and click “Sign In”

To enable SCIM-based provisioning, you must generate an authentication token associated with your user account. Follow these steps:

Navigate to Datarails Admin > Members & Groups.
Locate your user account (SCIM operations will be executed under this user).
Click the three-dot menu next to your user entry and select SCIM Token.
Copy the generated SCIM token and SCIM base URL. These will be required when configuring SCIM in your identity provider (e.g., Okta).