Configuring Okta for Coveo Cloud V2 SAML SSO

Okta is a service providing single sign-on (SSO) for web and mobile applications (see Okta Single Sign-On).

Single sign-on allows users to log in to several systems with a single ID and password. Many SSO systems support Security Assertion Markup Language (SAML) 2.0, an XML-based, open-standard data format that allows an external service provider to rely on the user authentication performed by a trusted identity provider (see Security Assertion Markup Language).

As a Coveo Cloud V2 administrator, you can implement SAML SSO when your company uses Okta. Users can then log in to Coveo Cloud V2 without having to provide their username and password, since their identity was already validated when they logged in to their Okta session.

To allow users to log in via SAML SSO, Coveo Cloud V2 must be able to trust and rely on Okta to authenticate users wishing to log in. To establish this trust relationship, you must configure Okta and then Coveo Cloud V2 so that both parties can exchange authentication information.

If you are not the Okta administrator at your company, contact them so that they can configure Okta using the following steps. If you want to encrypt identity provider assertions, you will also have to provide them with the Coveo Cloud V2 public certificate (see Encrypt Okta Assertions).