Python SDKSlack

Setting Up SSO with Okta

Prerequisites

  • Admin access to your Okta instance

  • Be ready to share one of the following:

    • A metadata URL

    • A metadata.xml file

Setting up Arize SSO in Okta (SAML 2.0)

To configure Single Sign-On for Arize in Okta, follow these steps:

  1. Create a New SAML 2.0 App in Okta

    • In the Okta Admin Console, go to Applications > Applications > Create App Integration

    • Select SAML 2.0 as the sign-in method

  2. Enter Arize SAML Settings

Configure Okta with the following information about the Arize Service.

  • SSO URL / ACS (Assertion Consumer Service) : https://app.arize.com/auth/v2/saml

  • URI / EntityID: https://app.arize.com

  • UserName / NameID format: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress

If needed for your Identity Provider, Arize SAML metadata.xml can be downloaded from https://app.arize.com/auth/v2/saml/metadata

  1. (Optional) Set Up Attribute Statements for Just-In-Time (JIT) Provisioning

  • Map user attributes as needed

  • Create a document to share with the Arize team that maps out the IdP configs. Be sure to include:

    • The Attribute Name/Value

    • The level of access including the relevant orgs and spaces (see different access levels here)

    • Refer to the example below for how to format/ submit attributes

Attribute Name/ Value
Account Admin (Yes/ No)
Space (if not account admin)
Org Access Level (Admin/ Member/ Read Only)
Space Access Level (Admin/ Member/ Read Only)

Arize_Admin

Yes

Arize_Developer

No

Dev

Read Only

Admin

  1. Send Your IdP Metadata to Arize

  • Once configured, send Arize your IdP metadata URL, or the metadata.xml directly.

Was this helpful?