Single Sign-on - Okta
This guide helps administrators connect Okta to Security Journey using Single Sign-On (SSO). Follow step-by-step instructions to enable secure login, understand supported features, and resolve common setup issues.
Overview
Okta is a cloud-based identity management service that provides secure authentication and SSO across applications. Using this integration, your users can sign in to Security Journey using their Okta credentials via SAML 2.0.
All SSO communication occurs over TLS/SSL for secure message exchange.
Prerequisites
Before beginning, make sure you have:
Security Journey
- An Admin-level Security Journey account with access to SSO settings.
Okta
- An Okta organization on version 2016.07 or later.
- A user with Application Admin privileges in Okta.
Supported Features
This SAML integration supports:
- Service Provider (SP)-initiated SSO
- Just-In-Time (JIT) Provisioning
- SCIM provisioning (optional)
For details on SCIM (automated user provisioning), see Setting Up SCIM with Okta.
Configuration Steps
Follow these steps to configure Okta SSO with Security Journey:
- Log in to your Okta admin dashboard.
- Go to Applications.
- Click Browse App Catalog.
- Search for Security Journey and choose Add Integration.
- (Optional) Update the Application Label.
- Under Application Visibility, uncheck 'Do not display application icon to users.' (see note)
- Continue to the Sign-On Options screen. By default, SAML 2.0 will be selected.
- Obtain the Okta Metadata URL and copy it.
- Paste the metadata URL in the SSO configuration field within your Security Journey SSO settings.
Note: Our site doesn't support the IdP-initiated login flow, but you can simulate it by following the instructions below.
Login URL
Once configured with Okta, users can log in via: https://my.securityjourney.com/
Simulate an IdP-Initiated Login
Security Journey only supports SP-initiated SSO by default. However, you can simulate an IdP-initiated login experience in Okta using a Bookmark App:
- In Okta, go to Applications.
- Search for Bookmark App and select Add Integration.
- Update the Application Label as needed.
- Set the bookmark URL to:
https://my.securityjourney.com/login/?domain=yourcompany.com
(Replace yourcompany.com with your own company domain.)
- Save the application.
This lets users click a link within Okta that takes them directly to Security Journey’s login page, effectively mimicking an IdP-initiated workflow.
Troubleshooting
Error: Invalid samlResponse or relayState
This typically occurs when attempting to sign in from the Okta dashboard without using the Bookmark App workaround.
If you encounter this error:
- Ensure users launch Security Journey via the SP-initiated URL:
https://my.securityjourney.com/
- Or configure the Bookmark App as outlined above.
Next Steps / Related Articles
- Setting Up SCIM with Okta – for automated user provisioning.
- Adding Learner Attributes via Okta – to map profile fields into Security Journey.