We support SSO through Okta, Onelogin, Azure, and Google. Additional SSO's using open SSO protocols may also be supported. Please reach out to your Technical Account Manager if you are interested in using an SSO not listed here.
All Matik users added through the SCIM integration will be added as end users. To increase user permissions to Admin or Producer Admin, first add them as an end user via your SSO. Then grant them Admin and Producer Admin roles via Enterprise Settings within the Matik app.
SSO Setup
Click on your user button in the top right of Matik > Enterprise Settings and scroll down to the SSO section. Select your identity provider from the "Use (SSO) as an identity provider" checkboxes, then input the SAML Metadata URL and your email domain. Click "Update" on the bottom right of the screen. You will be directed to your SSO's documentation center on how to set up Matik. If you have an SSO enabled, your SSO admin will also be able to manage Matik users directly from within the SSO interface.
When you enable SSO, we disable the option to log in with a password for everyone in the account except users with the producer admin role in Matik.
If needed for implementation the following URL's can be used for SSO setup:
- Single Sign-on URL: https://app.matik.io/_api/auth/sso/okta/
- Audience Restriction: https://app.matik.io/_api/auth/sso/
- Recipient and Destination URL: https://app.matik.io/_api/auth/sso/okta/
- SCIM Base URL: https://app.matik.io/_api/scim/
SSO Setup (Okta)
Navigate to the Matik Integration page on Okta's website and click on Add integration. Configure the your Okta <> Matik integration as desired in Okta and complete the SSO Setup instructions above.
SSO Setup (Azure)
Follow the setup instructions above. You will be required to provide Matik's Identifier (Entity ID) and Reply URL (Assertion Consumer Service URL) to set up SSO inside of Azure. Note that auto-provisioning is currently unavailable. At this time the provisioning process is manual.
- Entity ID : https://app.matik.io/sp/metadata
- Reply URL : https://app.matik.io/_api/auth/sso/azure/
SSO Setup (Google)
Navigate to the SSO section of Enterprise Settings and Select "Use Google as an identity provider" and click "Update".
When using Google SSO users are provisioned through Matik using the email address associated with their Google account. See the Adding Matik Users help article for more information.
Comments
0 comments
Please sign in to leave a comment.