Set up SSO with Okta

You must create a custom application in Okta in order to use Single Sign-On (SSO) for Mixpanel through Okta. Before using this document, read the general Mixpanel SSO set-up instructions as well as Okta’s documentation on setting up a new application.

This is a new version of SSO and is in BETA. 
Email sso-support@mixpanel.com for more information.

Configure SSO in Mixpanel

Follow the general SSO set-up instructions in this documentation.

Make sure to collect your postback URL and successfully claim your domain.

Create the Mixpanel App in Okta

Follow Okta’s documentation on setting up a new application to create the Mixpanel App.

Configure SAML

You must fill the form found in the “Configure SAML” menu in Okta. The following highlights what you should place in the fields.

OktaSaml.png

Make sure that the following is adjusted to match the following:

Additionally, it is required that you use email as an attribute statement. 

Obtain Information From Okta

You must first obtain your Public Certificate, Authentication URL, and Issuer URL in order to configure Mixpanel use with Okta.

To access this information, first select the select the Mixpanel app under the "Applications" tab in Okta. Click on the Sign On tab.

Under the "SAML 2.0" section, click View Setup Instructions and scroll down to "Configuration Data".

OktaView.png

Public Certificate

Your X.509 certificate is what allows users signing in through a third-party identity provider to be authenticated by Mixpanel without supplying a username and password. Each identity provider account has a unique X.509 certificate that will need to be uploaded to Mixpanel during the single sign-on setup process.

Click Download Certificate in the second entry to download your certificate.

Certs_4.png

Authentication URL

Your Authentication URL is in the third entry labeled “Redirect Login URL”.

Certs_2.png

Issuer URL

You will find your Issuer URL in the third entry labeled “Identity Provider Issuer”.

Certs.png

Enable SSO 

From Mixpanel, navigate to your Organization Settings. From the SSO menu, insert your Public Certificate, Authentication URL, and Issuer URL.

Optionally toggle “Require Users to Log In using SSO” if you prevent your users from using a username and password to log in. Click Enable.

Is this article helpful?

Comments

0 comments

Article is closed for comments.