SAML Single Sign-on with Okta

Security Assertion Markup Language (SAML) gives users secure access to EverSQL (SP) through an identity provider (IDP) of your choice. It works by transferring the user’s identity from one place (the identity provider) to another (EverSQL). Enabling SAML through EverSQL can be done in few easy steps!

Note: SAML SSO is available to Enterprise plans only. Other federated authentication methods such as Google Single Sign-On is available on all plans.

Configure Okta SSO with EverSQL

Step 1: Create a SAML app in Okta

  1. Open Okta's admin dashboard.
  2. In the left navigation menu, expand Applications, and then choose Applications.
  3. Choose Create App Integration.
  4. In the Create a new app integration menu, choose SAML 2.0 as the Sign-in method.
  5. Choose Next.

Step 2: Configure SAML integration for your Okta app

  1. On the Create SAML Integration page, under General Settings, enter a name for your app (i.e., EverSQL).
  2. (Optional) Upload a logo and choose the visibility settings for your app.
  3. Choose Next.
  4. Under GENERAL, for Single sign on URL, enter https://eversql.auth.us-east-2.amazoncognito.com/saml2/idpresponse
  5. For Audience URI (SP Entity ID), enter urn:amazon:cognito:sp:us-east-2_J4NozvhuU
  6. Under Attribute Statements (Optional), add a statement with the following information:
    For Name, enter the SAML attribute name http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress.
    For Value, enter user.email.
  7. For all other settings on the page, leave them as their default values or set them according to your preferences.
  8. Choose Next.
  9. Choose a feedback response for Okta Support.
  10. Choose Finish.

Step 3: Assign users to your Okta application

To assigns users to the EverSQL app:

  1. On the Assignments tab for your Okta app, for Assign, choose Assign to People.
  2. Choose Assign next to the users that you want to assign. Choose Save and Go Back. Your user is assigned.
  3. Choose Done.

Step 4: Get the IdP metadata for your Okta application

On the Sign On tab for your Okta app, find the Identity Provider metadata hyperlink. Right-click the hyperlink, and then copy the URL.

Send the URL to your EverSQL account manager, or to [email protected] to request setting up your organization with SAML SSO.

Login to EverSQL - Service Provider Initiated Authentication

Once you completed the steps above, and our team finished setting the SAML configuration on our end, you can guide your team to login via EverSQL's login page.

If you prefer to login from the Okta dashboard (via the Okta App you created), please see the section below.

Login to EverSQL - Identify Provider Initiated Authentication

To be able to sign in from the Okta App, you can add an integration to Okta Bookmark App. You can follow a few easy steps in Okta's documentation page.

Once you followed these steps, your team can sign in directly from their Okta dashboard.