Skip to main content

Overview

This guide walks you through configuring SAML single sign-on with Okta. You’ll create a new SAML application in Okta, configure the authentication settings, and establish a secure connection between your identity provider and Langdock. Once complete, your users will be able to sign in to Langdock using their Okta credentials.

Setup Checklist

Verify that you have completed these steps from the setup checklist:
  • You have access to an admin account in your Langdock workspace
  • “Join by domain” is enabled in your Langdock security settings
  • Your domain is added and verified in your Langdock security settings
  • You have an Okta account with the ability to create and manage Applications

Create a new SAML application in Okta

First, you need to create a new SAML application in your Okta Admin console. To do this, follow these steps:
  1. In your Okta Admin console, navigate to “Applications”“Applications”
  2. Click “Create App Integration”
  3. Select “SAML 2.0” as the sign-in method and click “Next”
  4. Name your application (e.g., “Langdock”) and, optionally, upload an app logo
  5. Click “Next”

SAML Configuration

Langdock uses SAML 2.0 as the standard for SSO authentication. After creating the application, you need to configure the SAML settings. In Langdock, navigate to your Security settings and copy the following values:
  1. The “Assertion Consumer Service (ACS) URL”
  2. The “Audience URI (SP Entity ID)” value (langdock.com)
In the “Configure SAML” step in Okta, fill in the following fields:
  1. “Single sign-on URL”: Paste the “Assertion Consumer Service (ACS) URL” from Langdock
  2. “Audience URI (SP Entity ID)”: Paste the “Audience URI (SP Entity ID)” value from Langdock (e.g., langdock.com)
  3. “Name ID format”: Select “EmailAddress”
  4. “Application username”: Select “Email”
You can leave the other fields with their default values. Click “Next” to proceed. On the feedback page, select “This is an internal app that we have created” and click “Finish”.

Connect Okta to Langdock

After finishing the application setup, you need to copy the Okta SAML metadata to Langdock. In the “Sign On” tab of your newly created Okta application:
  1. Click “View SAML setup instructions”
  2. Copy the “Identity Provider Single Sign-On URL” — this is your Sign on URL in Langdock
  3. Copy the Identity Provider Issuer this is your Issuer in Langdock
  4. Copy the “X.509 Certificate” and paste it into the “Certificate” field in Langdock — this is in the format:
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
Finally, activate the “SAML Active” toggle to enable SSO.

Assign Users

To allow your users to sign in to Langdock via Okta, you need to assign them to the application. In the “Assignments” tab of your Okta application, click “Assign” and either:
  • Select “Assign to People” to assign individual users
  • Select “Assign to Groups” to assign entire groups

Test the SAML setup

To test the setup, please stay logged in in the current browser session and open a separate browser or an incognito window and navigate to https://app.langdock.com.
Enter an email address of a user assigned to the Okta application and click “Continue”. You will be redirected to the Okta login page, where you can enter your credentials. After successful authentication, you will be redirected back to Langdock and logged in.

Troubleshooting

If you encounter any issues during the setup, reach out to support@langdock.com for assistance.