Skip to main content
Get started with SSO (Okta)
Updated over a week ago

Single Sign-On with Okta is available on our Scale plan

Single Sign-On (SSO) enables your organisation to sign in and authenticate using an identity provider (IDP) such as Okta. In addition to supporting sign-in with Google, Wondering also supports single sign on with Okta.

Before you get started

You will need to:

  1. Be on a Wondering Scale plan.

  2. Email [email protected] to let us know that you'd like to set up Okta. We'll get back to you within 24hrs with confirmation that you are ready to proceed.

  3. Be an Admin on both your Okta & Wondering account.

To set up your Wondering account with single sign-on using Okta, follow these steps.

Initial Wondering setup

Head to Wondering and open the Team tab within Accounts (link here).

  1. Scroll down to Single Sign-On make sure "Enable SSO" is set to true.

  2. You should now be able to see ACS URL and Entity URI, you'll need these values in a later.

Okta setup

  1. As an Admin, go to your Okta account and click Admin in the top navigation:

  2. Next, go to Applications > Applications in the navigation:

  3. Next, click Create App Integration:

  4. In the modal that appears, select "SAML 2.0" and then click Next:

  5. Enter "Wondering" as the App name and then click Next:

  6. Under "SAML Settings", enter the "ACS URL" and "Entity URI" values you retrieved from your Wondering account in step 3 above. Make sure the "Name ID format" dropdown is set to "EmailAddress" and that the "Application username" dropdown is set to "Email".

  7. Next, in the the "Attribute Statements" section click Add another to add a new attribute, resulting in two attribute fields being shown:

    1. Attribute 1:

      1. Name = firstName

      2. Name format = Basic

      3. Value = user.firstName

    2. Attribute 2:

      1. Name = lastName

      2. Name format = Basic

      3. Value = user.lastName

  8. Scroll down to Preview the SAML assertion generated from the information above and click Next:

  9. In the Feedback section, select the "I’m an Okta customer adding an internal app" option, and then click Finish.

Wondering has now been added to your Okta account.

Finalise Okta set up in Wondering

The final step is to add some details from Okta to Wondering. To do this:

  1. View the Wondering overview page (within Okta) for your new application. On this page, go to the Sign On tab:

  2. Scroll down to "SAML Setup" and click "View SAML setup instructions":

  3. In a new tab, you'll now see your configuration values. These values will be needed in the next step:

  4. In Wondering, go back to the Team tab within Accounts (link here).

    1. Scroll to "Single Sign-On".

    2. Paste in the configuration values you just got from Okta into the corresponding fields in Wondering.

    3. When done, click "Save changes" to save your changes to Wondering:

Okta value

Wondering value

Identity Provider Single Sign-On URL

Entry Point URL

Identity Provider Issuer

Issuer URL

X.509 Certificate

X.509 Certificate

You will now be able to assign users to use Wondering by going to the Assignments tab on the Okta application page for the Wondering application. Once assigned, users can then sign up and start using Wondering by choosing the Log in with SSO option on the Wondering login page.

Did this answer your question?