๐Okta Integration
Last updated
Last updated
In order to configure Okta integration with Metro Retro you will need:
Admin access to your Metro Retro account.
Admin access to your Okta account.
One or more authorized domains adding to your Metro Retro account (see end of article).
A note of your organizations Metro Retro Account ID.
Before you begin, you will need your organization's 12 character Metro Retro Account ID. You can find this in the under the management menu within Metro Retro: https://metroretro.io/manage
From within the Okta dashboard, choose Applications and Create App Integration. Select SAML 2.0 and press Next. Set the name as Metro Retro and optionally add an icon. We have prepared an Okta compatible logo image here: https://s.metroretro.io/site/logo/okta.png
Click Next.
Under SAML Settings, set the Single Sign-On URL to https://metroretro.io/login/saml and set Audience URI (SP Entity ID) to Your Account ID (see start of document).
Under Attribute Statements, add the following mappings:
firstName (basic) -> user.firstName
lastName (basic) -> user.lastName
email (basic) -> user.email
Click Next.
Choose "I'm an Okta customer adding an internal app". You may optionally fill in any other fields on this form that are appropriate for your organization, they are not required for the integration to work.
Click Finish.
You should see the screen below, if not, click View Setup Instructions. The three values on the setup screen need to be added to Metro Retro under Management / Single Sign-On.
Once added, click Save Configuration. We recommend leaving the "Restrict login" setting off until you are sure all your team members are able to login via SSO otherwise it may block their access.
If you have not already had your authorized domains configured by a Metro Retro team member, please contact us on Intercom or at contact@metroretro.io to set these up. The domains must include all domains that your team will login from.