Skip to main content Prerequisites
Admin access to your Okta instance
Be ready to share one of the following:
A metadata URL
A metadata.xml file
Setting up Arize SSO in Okta (SAML 2.0) To configure Single Sign-On for Arize in Okta, follow these steps:
Create a New SAML 2.0 App in Okta
In the Okta Admin Console, go to Applications > Applications > Create App Integration
Select SAML 2.0 as the sign-in method
Enter Arize SAML Settings
Configure Okta with the following information about the Arize Service.
SSO URL / ACS (Assertion Consumer Service) : https://app.arize.com/auth/v2/saml
URI / EntityID: https://app.arize.com
UserName / NameID format: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
If needed for your Identity Provider, Arize SAML metadata.xml can be downloaded from https://app.arize.com/auth/v2/saml/metadata
SSO URL / ACS (Assertion Consumer Service): https://app.eu-west-1a.arize.com/auth/v2/saml
URI / EntityID: https://app.eu-west-1a.arize.com/
UserName / NameID format: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
If needed for your Identity Provider, Arize SAML metadata.xml can be downloaded from https://app.eu-west-1a.arize.com/auth/v2/saml/metadata
(Optional) Set Up Attribute Statements for Just-In-Time (JIT) Provisioning
Map user attributes as needed
Create a document to share with the Arize team that maps out the IdP configs. Be sure to include:
The Attribute Name/Value
The level of access including the relevant orgs and spaces (see different access levels here)
Refer to the example below for how to format/ submit attributes
Attribute Name/ Value Account Admin (Yes/ No) Space (if not account admin) Org Access Level (Admin/ Member/ Read Only) Space Access Level (Admin/ Member/ Read Only) Arize_Admin Yes Arize_Developer No Dev Read Only Admin
Send Your IdP Metadata to Arize
Once configured, send Arize your IdP metadata URL, or the metadata.xml directly.
