Setup & Integrations
Single Sign On (SSO)
Okta
this guide explains how to configure okta single sign on (sso) so users can securely log in to resolve ai you'll create a custom saml application, configure user and group attributes, and share your setup details with your resolve contact this setup must be completed by an okta administrator features & requirements resolve ai supports saml 2 0 based sso with okta, including just in time (jit) user provisioning user accounts are created on first login group based access control via saml attributes (optional) note we do not currently support scim (system for cross domain identity management) for automated user/group provisioning and de provisioning to use resolve ai with saml sso, you must have an okta license that supports custom saml app integrations the ability to configure saml assertions and attributes this typically requires okta workforce identity licenses at the business or enterprise tier please verify with your okta admin to confirm availability in your plan 1\ create a saml app log in to your okta admin dashboard (ex yourcompany okta com ) go to applications > applications click create app integration select saml 2 0 as the sign on method and click next 2\ configure app details app name resolve ai download the resolve ai logo and add it in app logo click next to continue 3\ configure saml settings single sign on url https //app0 resolve ai/auth/saml/callback audience uri (sp entity id) app0 resolve ai default relaystate leave blank name id format unspecified name id user’s primary email, usually okta username or user email 4\ add attribute statements map the following attributes email user email firstname user firstname lastname user lastname 5\ contact resolve ai in the sign on tab, click view setup instructions and copy the following details sign on url sign out url issuer (entity id) signing certificate share these with your resolve contact to complete the connection once confirmed, users can log in at app0 resolve ai https //app0 resolve ai/ optional group attribute mapping for rbac if you're using okta groups to control resolve roles in the group attribute statements section name groups filter define which groups to include (ex resolve admins ) contact resolve to map group names to roles (ex admin, member) in the assignments tab, you can assign which users or groups can access resolve ai learn more about assigning users and groups to an okta app https //help okta com/en us/content/topics/users groups profiles/usgp assign app group htm# text=click%20the%20app%20name%20and,dialog%20box%20if%20it%20appears