search

Single Sign-On (SSO) with Okta

Single Sign-On (SSO) with Okta allows organizations to securely access Asset Panda using centrally managed Okta identities. By authenticating users through Okta, teams can reduce password fatigue, minimize login-related support requests, and enforce consistent security policies across the organization.

Once configured, users can sign in to Asset Panda using their existing Okta credentials, enabling a seamless and secure authentication experience.

hashtag
Prerequisites

Ensure the following requirements are met before starting the configuration:

  1. Active Asset Panda Pro subscription

  2. Administrator access to Asset Panda

  3. Okta tenant with Admin or Super Admin permissions

  4. Users created in Okta with email addresses that match Asset Panda user accounts

hashtag
Configure SSO in Okta

Set up Asset Panda as a SAML 2.0 application in Okta and generate the IdP Metadata file required by Asset Panda.

hashtag
Create a SAML Application

  1. Sign in to the Okta Admin Console.

  2. Navigate to Applications > Applications.

  3. Click Create App Integration.

  4. Select SAML 2.0 and click Next.

  5. Enter an App name (for example, Asset Panda SSO).

    1. Optionally upload an app logo.

  6. Click Next to continue.

hashtag
Configure SAML Settings

Provide the following values:

  1. Single sign-on URL (ACS URL) Use the Asset Panda Assertion Consumer Service (ACS) URL provided by Asset Panda.

  2. Audience URI (SP Entity ID) Use the same value as the ACS URL unless otherwise instructed.

  3. Name ID format Select EmailAddress.

  4. Application username Set to Email.

hashtag
Attribute Statements (Recommended)

Configure the following attribute mapping to ensure proper user identification:

Name

Value

email

user.email

Click Next, review the configuration, and click Finish.

hashtag
Assign Users

  1. In the Okta application, go to the Assignments tab.

  2. Assign users or groups that should have access to Asset Panda.

hashtag
Download/Copy IdP Metadata

  1. Go to the Sign On tab of the Asset Panda application in Okta.

  2. Locate the SAML 2.0 section.

  3. Download or Copy and create the IdP Metadata XML file.

This file will be uploaded to Asset Panda in the next step.

hashtag
Configure SSO in Asset Panda

After completing the Okta configuration, set up SSO in Asset Panda using the IdP Metadata file.

  1. Log in to Asset Panda as an administrator.

  2. Navigate to Settings > Preferences > Single Sign-On (SSO).

  3. Click Add new SSO.

hashtag
Select SSO Provider

  1. Under Select Your SSO Provider, choose SAML.

hashtag
Configure SSO Settings

Complete the fields shown on the SSO configuration screen:

  1. Enable Type

    1. Enable for all users – applies SSO to all users

    2. Enable for selected domains – applies SSO only to specified email domains

  2. Selected Domains

    1. Displayed only when domain-based SSO is enabled

    2. Enter one or more email domains and press enter (for example, company.com)

  3. Connection Name

    1. Enter a descriptive name for the SSO connection (for example, Okta SSO)

hashtag
Upload IdP Metadata

  1. Upload the IdP Metadata XML file downloaded from Okta.

    1. Drag and drop the file or click Browse to upload it.

  2. Click Save.

Asset Panda automatically extracts the required SAML configuration and certificates from the metadata file.

hashtag
Enable and Verify SSO

  1. Ensure the newly added SSO connection shows a status of Enabled.

  2. Open a private or incognito browser window.

  3. Navigate to the Asset Panda login page.

  4. Enter your email address and proceed with SSO login.

    1. If domain-based SSO is configured, you may be prompted to re-enter your email address.

  5. Authenticate through Okta and confirm you are redirected to the Asset Panda dashboard.

hashtag
Notes and Considerations

  1. Asset Panda uses the IdP Metadata file to configure all SAML settings automatically. Manual entry of ACS URLs, Entity IDs, or certificates is not required.

  2. User email addresses in Okta must exactly match user email addresses in Asset Panda.

  3. If multiple SSO connections exist, ensure domain settings do not overlap.

hashtag
Troubleshooting

Login fails after authentication

  1. Verify the user is assigned to the Asset Panda application in Okta.

  2. Confirm the user’s email address matches the Asset Panda user record.

SSO button does not appear

  1. Check that the SSO connection status is Enabled.

  2. Confirm the user’s email domain matches the configured domain (if domain-based SSO is used).

Certificate or metadata errors

  1. Re-download the IdP Metadata file from Okta and re-upload it in Asset Panda.

PreviousGoogle Workspace SSONextTicket Management

Last updated