Instructions for enabling Okta Single Sign-On with Swarmia
Supported features
Swarmia supports Service Provider-initiated authentication flow using Okta SSO. Once Okta SSO has been enabled for your Swarmia organization, it's the only login method supported.
Prerequisites
To configure SSO through Okta you need to:
- Have installed the Swarmia GitHub app
- Be an admin of your Swarmia organization
- Have access to an Okta tenant, and be an application administrator of that tenant
Enable the Okta integration
Enabling Okta SSO to Swarmia consists of two steps:
- Installing the Swarmia Okta application through OIN
- Sharing the application credentials with Swarmia
Install the Swarmia Okta application through OIN
- Install the Swarmia Okta application from OIN. Or navigate to Applications → Browse App Catalog, search for Swarmia, and install the application.
- Assign users or groups to Swarmia
- Navigate to the Swarmia Okta Application "General" tab, to inspect the client credentials
Connect the Swarmia Okta application to Swarmia
After creating or installing the Swarmia Okta application, share the credentials with Swarmia on the Okta settings page.
The installation will:
- verify that you have access to Okta
- enable the SSO for your organization
- expire all current Github-initiated sessions
- require you to log in again
- Navigate to the Okta settings page https://app.swarmia.com/settings/okta
- Input the required fields
- Issuer URL (https://yourcompany.okta.com, without the -admin suffix)
- Client ID
- Client Secret - Click Connect Okta
- Log in back to Okta
Log in to Swarmia using Okta
After you have connected Okta with Swarmia you can log in to Swarmia from a company-specific URL:
https://app.swarmia.com/login/okta/<your organization github login>
You can find the organization name on the Okta settings page.
Disabling the Okta integration
If you wish to disable Okta SSO and revert to GitHub GitHub-initiated login, contact support at hello@swarmia.com.
Manual installation guide
- Create an Application integration in Okta. Navigate to your Okta admin console: Applications → Applications.
- Create a new App Integration with the following settings:
Sign-in method: OIDC
Application type: Web Application - Configure the application settings
App Integration name: Swarmia
Grant types:
- Client acting on behalf of itself
- ✅ Client credentials
- Client acting on behalf of a user
- ✅ Authorization Code
- ✅ Refresh Code
- Sign-in redirect URIs
- https://app.swarmia.com/auth/okta/callback
- https://app.swarmia.com/auth/okta/auth/okta/verify
- Sign-out redirect URIs
- https://app.swarmia.com/logout -
Assign access to the appropriate groups
- Click save
- Navigate to the Swarmia Okta Application "General" tab, to inspect the client credentials
- Share the credentials similarly to the Connect the Swarmia Okta application to Swarmia steps