Okta

SSO with Okta is available on Postman Enterprise plans.

To configure SSO with Okta, you can use the available Postman app in Okta or create a custom SAML application. You must be an administrator in both Okta and Postman to configure SSO for your team.

Configuring SSO with Okta

Before configuring SSO in Okta, you must configure SSO in Postman. When choosing the Authentication Type, select Okta. Name your authentication and Continue.

Configure identity provider details in Postman

To continue configuring SSO with Okta, choose one of the following:

Configuring SSO using the Postman Okta app

It's recommended that you configure SSO with Okta using the Postman Okta app.

To continue configuring the Postman app in Okta, do the following:

  1. Open your Okta admin console in a new tab.

  2. Go to Applications, and then select Applications.

  3. Select Browse App Catalog.

    Create new Okta app

  4. Search for "Postman". Select the Postman app from the results, and then select Add Integration.

    Add Postman integration

  5. In the General Settings screen, enter an application label you'll recognize later, and then select Done.

  6. Select the Sign On tab, and then select Edit.

    View sign on method settings

  7. Take the Relay state generated from Postman and add it as your Default Relay State. Upload the Encryption Certificate downloaded from Postman. Take the ACS URL from Postman and add it to your configuration in Okta, and then select Save.

    Edit sign on method settings

  8. Select View SAML setup instructions to display SAML configuration instructions, including the identity provider (IdP) details.

  9. In Postman, enter the SSO URL, Identity provider issuer, and X.509 Certificate individually under Identity provider details.

  10. Select Save Authentication in Postman.

Configuring SSO using a custom SAML app

To continue configuring your custom SAML application, do the following:

You can't use a custom SAML app to configure SCIM provisioning through Okta.

  1. Open your Okta admin console in a new tab.

  2. Go to Applications, and then select Applications.

  3. Select Create App Integration.

    Create new Okta app

  4. In the Create a new app integration screen, select SAML 2.0 and then select Next.

    Select sign-in method

  5. In the General Settings tab, enter an app name you'll recognize later, and then select Next.

  6. In the Configure SAML tab, take the ACS URL from Postman and add it as your Single sign-on URL. Take the Entity ID from Postman and add it as your Audience URI (SP Entity ID). Take the Relay state generated from Postman and add it as your Default RelayState. Select EmailAddress as the name ID format.

    Configure custom SAML settings

  7. Select Show Advanced Settings. Select Encrypted as the assertion encryption, AES128-CBC as the encryption algorithm, and RSA-1.5 as the key transport algorithm. Upload the Encryption Certificate downloaded from Postman, and then select Next.

    Configure advanced custom SAML settings

  8. In the Feedback tab, select I'm an Okta customer adding an internal app. Select This is an internal app that we have created as the app type, and then select Finish.

  9. Select the Sign On tab, and then select View SAML setup instructions to display the IdP details.

    View identity provider details

  10. In Postman, enter the SSO URL, Identity provider issuer, and X.509 Certificate individually under Identity provider details.

  11. Select Save Authentication in Postman.

Next steps

Now that you've set up SSO with Okta using the Postman app, you can learn about setting up SCIM provisioning:

Last modified: 2023/01/19

Postmanaut dancing. Illustration.