Configure an Okta SSO integration 🔗
The Okta SSO integration lets you log into Observability Cloud using Okta.
Before you begin to configure the Okta SSO integration, ensure you have completed the steps in Configure SSO integrations for Splunk Observability Cloud, including the section Name an SSO integration to learn about naming your integrations.
To follow this procedure, you must be an administrator of your Okta organization and an administrator of your Observability Cloud organization.
Open a browser tab or window for Observability Cloud, and another for Okta.
- Switch to Okta, then follow these steps to add Observability Cloud as an Okta application:
Select Admin, then select Applications
Select Add Application.
In the directory that appears, find for SignalFx, then add it by selecting Add.
- Switch to Observability Cloud:
Log in to Splunk Observability Cloud.
Open the Okta guided setup . Optionally, you can navigate to the guided setup on your own:
In the left navigation menu, select.
Select Add Integration.
In the integration filter menu, select All.
In the Search field, search for Okta, and select it.
In the Name text box, enter the name of your integration.
Copy the Integration ID value. Even if you have multiple organizations that you want to integrate with Okta SSO, leave Integration-specific Entity ID deselected. The Observability Cloud Okta integration provides this automatically for multiple organizations.
- Switch back to Okta:
Paste the integration ID value into the Integration ID text box, then select Next.
Assign the SignalFx application to users in your Okta organization, then select Next.
Select Sign on, then select View Setup instructions.
- Copy the following strings from the instructions, and paste them into a text editor:
URLs must belong to Okta in order to validate. Accepted domains are
- Switch to Observability Cloud to finish:
Copy and paste the Okta Public Key value into the Public Key text box.
Copy and paste the Okta Issuer URL value into the Issuer URL text box.
Copy and paste the Okta Metadata URL value into the Metadata URL text box.
Select Save. The message Validated! appears.
If you get an error, check the values that you copied and pasted.
The Okta SSO integration is now available to users in your Okta organization. When users log in to Observability Cloud from Okta for the first time, they receive an email containing a link that they must open in order to authenticate. This only occurs the first time the user signs in. Subsequent login attempts don’t require validation.
If you want to turn off email authentication, contact Splunk Observability Cloud support.
Once you have a custom URL configured, your users can continue to log in using their existing username/password pair, or they can use their Okta credentials instead. Okta SSO authentication and Observability Cloud username/password authentication are independent.
Observability Cloud generates a password for users you create in Okta SSO. If the Okta login portal is unavailable, Observability Cloud users can use the reset password link on the Observability Cloud login page to get native Observability Cloud credentials.
If you are a Splunk Observability Cloud customer and are not able to see your data in Splunk Observability Cloud, you can get help in the following ways.
Available to Splunk Observability Cloud customers
Available to prospective customers and free trial users
Ask a question and get answers through community support at Splunk Answers .
Join the Splunk #observability user group Slack channel to communicate with customers, partners, and Splunk employees worldwide. To join, see Chat groups in the Get Started with Splunk Community manual.
To learn about even more support options, see Splunk Customer Success .