Okta SSO

Integrate Staircase AI with Okta SSO for authentication protocol

Written by Lior Harel
Updated over a week ago


OpenID Connect is the preferred authentication protocol for Staircase AI because it is more user-friendly and secure than other methods.

We currently support SP-initiated SSO.


To set up Okta OpenID Connect authentication, you must have admin rights in Okta, and be an admin in Staircase AI.


Step 1 - Setup Staircase AI in Okta

  1. Log into your Okta Admin account

  2. Click Admin, and then Applications

  3. Click Create App Integration

  4. Select OIDC - OpenID Connect as the Sign-in method

  5. Select Web Applications as the Application Type

  6. In the Trusted Origins and Assignments sections that follow, there are no configuration requirements. Define as needed

  7. Click Next

  8. In General Settings, App integration name field, give the app a name, for example, "Staircase AI", and add the below logo

  9. In the Grant Type section, select the Implicit Hybrid checkboxes

  10. In the Sign-in redirect URIs field, enter https://app.staircase.ai/oktacallback

  11. Click Save. You have now created an OIDC custom Okta app. Continue by configuring the app and assigning users to it

  12. Make a note of the Client ID and Client secret provided

13. On the Sign-on tab, OpenID Connect ID Token section, make a note of the Issuer URL. The URL usually has the format of: https://my-organization.okta.com

14. Assign users and/or groups that should have access to Staircase AI. Make sure that the email addresses you use in Okta match those used in Staircase AI

Step 2: Set up Okta OpenID Connect in Staircase AI

  1. In Staircase AI, go to settings -> integrations -> Okta card

  2. Enter the Client ID, Client Secret and Issuer URL that you got when setting up Staircase AI in Okta

  3. Click Connect

Sign in to Staircase AI using Okta

On the Staircase AI login screen, enter the email address associated with your Staircase AI account in Okta. Click Sign-in.

Please note: We support SSO using Google / Microsoft or Okta. No SAML

Did this answer your question?