Why Use Okta SSO With Approveit?

Single Sign-On centralizes authentication, reduces attack surface, and accelerates user onboarding. Studies show SSO can cut password-reset tickets by 50 % or more, boosting productivity and slashing IT costs. When paired with Approveit’s Slack/Microsoft Teams workflows, Okta SSO delivers:

• Seamless user experience: one login grants access to every request in Approveit, Slack, and Teams.

• Stronger security: enforce adaptive MFA and contextual access policies from the Okta Identity Engine.

• Centralized audit trail: Okta’s system log plus Approveit’s approval history help meet SOC 2, ISO 27001, and GDPR requirements for users.

Prerequisites:

Before you can start using the Approveit SAML integration with Okta, please follow these steps:

1. Install the Approveit application from the Okta Integration Network (OIN).

2. Contact Approveit Support at support@approveit.today with the following information:

   1. Your Identity Provider (IdP) metadata URL or XML file (You can find this in your Okta Admin Console after the Approveit application has been added to your organization)

   2. The domain you intend to use for SAML authentication (it could be downloaded af

3. Our team will configure the SAML integration on our end. This setup includes verification steps and is part of a paid feature offering.

4. Once everything is configured, we’ll notify you that the integration is ready for use.

Please note: At this time, self-service configuration is not available. All SAML setup is handled by the Approveit team to ensure proper validation and secure integration.

Supported features

• IdP-initiated SSO

• SP-initiated SSO

• Just-In-Time (JIT) provisioning

SP-Initiated SSO

Approveit supports SP-Initiated Single Sign-On (SSO). Users can initiate login directly from the Approveit application using one of the following methods:

• Navigate to https://app.approveit.today and click the SSO login button.

• Or go directly to https://app.approveit.today/sso to initiate SAML authentication.

Approveit will detect the user’s domain, redirect them to the configured Identity Provider (Okta), and upon successful authentication, return the user to the Approveit dashboard.

SAML configuration steps

To set up SAML SSO between Okta and Approveit, follow the steps below.

Step 1: Install the Approveit App in Okta

1. Log in to your Okta Admin Console.

2. Navigate to Applications > Applications.

3. Click Browse App Catalog.

4. Search for “Approveit”, select it, and click Add Integration.

5. (Optional) Customize the app label and click Done.

Step 2: Gather Identity Provider (IdP) Details

1. After adding the Approveit app, go to the app’s Sign On tab in Okta.

2. Click View Setup Instructions or locate the following details:

3. Identity Provider Metadata URL (or download the XML metadata file)

   • IdP Issuer / Entity ID

   • SSO URL (also called Single Sign-On URL)

   • X.509 Certificate

Note: These details are available after the Approveit application is added to your Okta organization.

Supported SAML Attributes

Approveit requires the following SAML attributes to be included in the SAML assertion:

Please ensure these attributes are properly mapped in the Attribute Statements section of your Okta SAML configuration.

Step 3: Send Info to Approveit Support

Contact Approveit Support at support@approveit.today with:

• Your Identity Provider metadata (either the metadata URL or XML file)

• The domain you intend to use for SAML authentication

Step 4: Approveit Configures SAML on Its Side

Once your information is received:

• Our team will configure SAML for your account internally.

• We’ll verify your domain and map your Okta settings appropriately.

• Configuration is part of a paid feature and handled by Approveit to ensure proper validation and security.

Step 5: Confirmation and Testing

• Approveit will notify you once the integration is complete.

• You can test the setup by:

  • Visiting https://app.approveit.today and clicking the SSO button, or

  • Going directly to https://app.approveit.today/sso

After successful login, you’ll be redirected to the Approveit dashboard.