Skip to main content

Single Sign-On With Okta

Requirements

  • You will need to be the Admin of the Statsig Organization you intend to add SSO with Okta to.
  • You will need to be the Administrator of the Okta account you want to link.

Supported Features

Service Provider(SP)-Initiated Authentication for Single Sign-On (SSO) using OIDC can be enabled on Statsig to connect your Okta account to your Statsig Projects.

Configuration

Adding the Statsig OIDC Application in Okta

  1. Navigate to your Okta portal.
  2. On your Okta portal, click on Applications on the left-hand-column, and click into Applications in the dropdown. img
  3. On the Applications page, click on the Browse App Catalog button. img
  4. On the App Catalog page, use the searchbox to search for Statsig and click on the Statsig OIDC Application.
  5. In the Statsig Application, click on the Add button. img
  6. After creating the Statsig OIDC Application in Okta, navigate to the Sign On tab in the Application, note the Client ID and Client Secret fields that will be needed to enable Single Sign-On with OIDC on the Statsig Project. img

Once these steps have been completed, the Statsig OIDC Application in Okta has been successfully configured. Following this, you will need to follow the steps here to enable configuration of SSO on your Statsig Project.

Note when adding the Statsig OIDC Application in Okta, the sign-in and sign-out redirect URIs are automatically configured.

Proof Key for Code Exchange (PKCE)

Statsig does not currently support the PKCE Flow, so you will need to turn off the feature in Okta when you enable SSO with Statsig.