CloudQuery Platform
  • Introduction
    • Welcome to CloudQuery Platform
    • Getting Help
  • Quickstart
    • Creating a New Account
    • Platform Activation
  • Core Concepts
    • Integrations
    • Syncs
    • Filters & Queries
    • SQL Console
    • Reports
  • Integration Guides
    • Setting up an AWS Integration
    • Setting up an AWS Cost and Usage Integration
    • Setting up a GCP Integration
    • Setting up an Azure Integration
    • Setting up a GitHub Integration
    • Setting up a K8s Integration
      • Using AWS EKS
      • Using Azure AKS
      • Using GCP GKE
    • General Integration Setup Guide
    • General Destination Setup Guide
  • Syncs
    • Setting up a Sync
    • Monitoring Sync Status
  • Cloud insights
    • From cloud asset inventory to insights
      • Security-focused queries
      • Compliance-focused queries
      • FinOps-focused queries
  • Production Deployment
    • Enabling Single Sign-on (SSO)
      • Single Sign-On with Google
      • Single Sign-On with Microsoft
      • Single Sign-On with Okta
  • User Management
    • Platform Roles Overview
    • Workspace Roles Overview
  • Advanced Topics
    • Custom Columns
    • Understanding Platform Views
    • Performance Tuning
  • Reference
    • Search & Filter Query Syntax
  • API Reference
  • CLI Docs
  • CloudQuery Hub
Powered by GitBook
On this page
  • Step 1: Set the Base URL
  • Step 2: Create a SAML Application in Okta
  • Step 3: Configure SAML Settings
  • Step 4: Assign Users and Groups
  • Step 5: Configure Metadata and Sign-Out URL
  • Step 6: Enable and Test SSO

Was this helpful?

  1. Production Deployment
  2. Enabling Single Sign-on (SSO)

Single Sign-On with Okta

Set up Single Sign-On with Okta

PreviousSingle Sign-On with MicrosoftNextUser Management

Last updated 3 months ago

Was this helpful?

Step 1: Set the Base URL

  1. In the CloudQuery Platform sidebar, click on your user profile, then select Admin Settings.

  2. Switch to the Single Sign-On tab.

  3. In the Base URL field, enter the HTTPS URL for your platform installation and click Submit.

    • This should be the domain or subdomain where you host CloudQuery Platform, e.g., https://cloudquery.example.com.

Step 2: Create a SAML Application in Okta

  1. In a new tab, log in to your Okta Admin Console.

  2. Navigate to Applications → Applications.

  3. Click Create App Integration.

  4. Select SAML 2.0 as the sign-in method and click Next.

Step 3: Configure SAML Settings

In the General Settings section, enter an CloudQuery as the App name, upload a logo (optionally) and click Next.

Under SAML Settings, enter the following:

  • Single sign-on URL (ACS URL): Copy this value from the CloudQuery Admin panel.

  • Audience URI (Entity ID): Copy this value from the CloudQuery Admin panel.

  • Name ID Format: Select EmailAddress.

Scroll down to Attribute Statements and add the following:

  • first_name → user.firstName

  • last_name → user.lastName

  • email → user.email

Then, click on Next.

Step 4: Assign Users and Groups

  1. In the Assignments section, select Skip group assignment for now or assign users as needed.

  2. Click Finish.

  3. Navigate to the Assignments tab of the CloudQuery application in Okta.

  4. Click Assign → Assign to People or Assign to Groups and select users or groups.

Step 5: Configure Metadata and Sign-Out URL

In the newly created application, go to the Sign On tab.

Then, under Settings, find the Identity Provider metadata link and copy the Metadata URL.

Once done, head back to the CloudQuery Admin panel, enter the Metadata URL instead of uploading an XML file. Then, locate the Sign-Out URL in Okta and copy it.

In the CloudQuery Admin panel, enter the Sign-Out URL to ensure proper logout functionality.

Step 6: Enable and Test SSO

  1. In the CloudQuery Admin panel, click Save and enable.

  2. In the Okta Admin Console, click Sign On → Test Sign In.

  3. If everything is set up correctly, you should be logged into CloudQuery Platform using your Okta credentials.

Configuring the platform base URL in CloudQuery
Creating a new SAML 2.0 application
CloudQuery application details
SAML settings with values coming from CloudQuery SSO page
Mapping CQ attributes with Okta attributes
Metadata URL and Sign out URL values to be copied
Configuration of Metadata URL and Sign out URL