How to Configure Single Sign-On (SSO) with Okta?
We will go over how to configure SAML-based Single Sign-On (SSO) with Okta in this post.
If you use Microsoft Azure Active Directory for SSO, refer to: How to Configure Single Sign-On (SSO) with Microsoft Azure Active Directory.
If you use Google for SSO, refer to: How to Configure Single Sign-On (SSO) with Google.
Create an application in Okta admin dashboard
First, we need to create an application in the Okta admin dashboard.
Log in to the dashboard, go to Applications->Applications->Create App Integration, select SAML 2.0, as illustrated below:
then click on Next. You will now be redirected to the General Settings tab:
enter DMARCLY as App name, upload the DMARCLY logo (optional), then click on Next. You are now on the Configure SAML tab.
You need to grab Service Provider Entity ID and Assertion Consumer Service URL from the DMARCLY dashboard. Log in to DMARCLY, go to System->Single Sign-On (SSO), toggle on the Enable Single Sign-On switch, and choose Okta as the Identity Provider:
then copy the Service Provider Entity ID value, switch back to Okta, paste the value in the SP Entity ID field; go to DMARCLY, copy the Assertion Consumer Service URL value, switch back to Okta, paste the value in the Single sign on URL field. Make sure to keep "Use this for Recipient URL and Destination URL" checked.
Once done, it should look like this:
Note: if you are in the EU zone, please make sure that both Service Provider Entity ID and Assertion Consumer Service URL start with https://eu.dmarcly.com, instead of https://dmarcly.com.
Click on Next. Check the "I'm an Okta customer adding an internal app" radio, then click on Finish.
Now you are on the DMARCLY application page. Click on View SAML setup instructions to open the instructions page, then scroll down and copy the IDP metadata.
Switch back to the DMARCLY dashboard, paste it in the IdP Metadata field:
then hit Update SSO.
Assign users to the application
Before a user in your tenant can use the application, you must assign the user to it. Go to the DMARCLY application page, click on the Assignments tab, then click on Assign->Assign to People:
click on the Assign button on a user you want to assign DMARCLY to, then click on Save and Go Back.
Repeat this step until all the users you want to assign to have been assigned to. Then click on Done on the Assign to People modal.
Create users in DMARCLY
To log in via SSO, in addition to a corresponding user account in Okta, a user must have an account in DMARCLY.
To create a user account in DMARCLY, log in to the dashboard, go to Users->Add User, enter the user email address and the other fields on the page, then click on Save User.
Log in via SSO
Now that you are done with the configuration, you can log in via SSO.
If you are a non-EU user, navigate to https://dmarcly.com/login-sso, otherwise navigate to https://eu.dmarcly.com/login-sso.
Now enter your account email with DMARCLY, then you will be redirected to the Okta login screen:
enter your credentials with Okta. Once authenticated, you will be redirected to the DMARCLY dashboard.
IdP-initiated SSO
You can also access DMARCLY directly from Okta. To do so, navigate to the Okta end user dashboard, enter the credentials to log in, go to My Apps and you will see a list of applications created in Okta:
If you followed the steps above in this article, you will see DMARCLY appear on that list. Simply click on the logo and you will be redirected to the DMARCLY dashboard.
Enforce SSO
You can enforce SSO so that all users must log in via SSO. That is, direct login will be disabled.
To enforce SSO, turn on the Enforce SSO checkbox in System->Single Sign-On (SSO) in the DMARCLY dashboard:
then click on Update SSO.
Now log out of your DMARCLY dashboard, and try to log in again on the direct login page, you will see some warning like this:
Simply click on the SSO link to proceed with SSO login.
Protect Business Email & Improve Email Deliverability
Get a 14 day trial. No credit card required.
Create Account