Okta SSO Integration

Creating an Application

1. To get started, open the administration panel in your Okta portal, then head to Applications.
2. Find and click Create App Integration:

3. Set the Sign-in method to OIDC and the Application type to Web Application:

4. Give your new application a name (Pivott) and optionally upload our Pivott logo:

Setting the Redirect URLs

1. Set sign-in and sign-out URLs for your application to authenticate a response from the Pivott app.
   • Sign-in redirect URI: https://app.pivott.io/api/login/oauth/?sso=okta 
   • Sign-out redirect URI: https://app.pivott.io/

2. Scroll to the bottom of the page and hit Save.
3. You should now see Pivott as an application in your Applications list:

Assigning Users

1. To assign users, disable Federation Broker Mode under Applications → General:

2. Then under Applications → Assignments assign users to the app either by people or by groups (depending on your preferred corporate processes):

Sharing the Configuration Details

1. You’ll need to share the following details of the application you’ve created with your Pivott account manager:

• Your Okta domain (i.e. company.okta.com)
• Client ID
• Client Secret 

2. To find the Client ID and Client Secret for Pivott, click to open your newly created application and find the corresponding fields:

Final Setup

1. Once Pivott staff have added your Client ID and Secret to your account, we will be in contact to confirm the integration has been completed.

Logging into Pivott Using Okta

1. To log into Pivott using your new Okta single sign-on, head to https://app.pivott.io/ and select Sign in with Okta.

2. Then, enter your work email address associated with your Okta account:

Troubleshooting

If you have any questions or issues setting up your Okta application please reach out to us at help@pivott.io or through your Pivott account manager. 

You can also reach out any time using Contact Support inside the application or using https://www.pivott.io/contact.