Skip to main content

WhyLabs SAML Provisioning with Okta

info

SAML Integration is only available to WhyLabs Enterprise Plan customers. To get started, please contact our support team or email us at [email protected].

WhyLabs supports SAML (Security Assertion Markup Language) based Single Sign On (SSO) through providers such as Okta. Configuring for your WhyLabs account lets your organization log in to WhyLabs using credentials stored in an Okta identity store that has been configured with a SAML Identity Provider. In order to allow your Okta users to log in to WhyLabs, you will need to create a SAML Okta application and provide WhyLabs with its sign-on URL and certificate. You can find more detailed instructions about this process in the official Okta documentation

Steps

  1. Visit https://{YOUR-OKTA-TENANT}-admin.okta.com/admin/apps/active
  2. Choose “Create App Integration”
  3. Pick “SAML 2.0” and click “Next”
  4. Name your app something descriptive, e.g. “WhyLabs AI Control Platform”
  5. Adjust the app logo and visibility settings as needed
  6. Click “Next”
  7. Set the “Single sign on URL” to https://auth.whylabsapp.com/login/callback
  8. Set the “Audience URI (SP Entity ID)” to the value provided by WhyLabs which should look similar to urn:auth0:whylabs-enterprise:{APPLICATION-NAME}
  9. Set the “Name ID format” to EmailAddress
  10. Leave the other options unchanged and click “Next”
  11. Select “I'm an Okta customer adding an internal app”
  12. Fill out the Okta setup feedback form below (optional) and click “Finish” 13. Go the the “Assignments” tab and add users or groups that should have access to WhyLabs
  13. Go back to the “Sign On” tab
  14. Scroll down to find the “SAML Setup” section on this page (next to “SAML Signing Certificates”) and click “View SAML setup instructions”
  15. On this page, note the “Identity Provider Single Sign-On URL” and the “X.509 Certificate” sections

Please copy the Sign-On URL and download the certificate, then forward both to WhyLabs via email. We will let you know once the connection has been set up on our end and is ready for testing.

Your app’s SAML settings should look roughly like this in the end:

Okta SAML integration
Prefooter Illustration Mobile
Run AI With Certainty
Get started for free
Prefooter Illustration