How do I configure Okta as a SAML IdP?

It's recommended that you set up Datadog as an Okta app manually, as opposed to using a 'preconfigured' configuration.

General Details

  • Single Sign On URL: https://app.datadoghq.com/account/saml/assertion
  • Recipient URL: https://app.datadoghq.com/account/saml/assertion
  • Destination URL: https://app.datadoghq.com/account/saml/assertion
  • Audience Restriction: https://app.datadoghq.com/account/saml/metadata.xml
  • Default Relay State: <not required/leave blank>
  • Name ID Format: EmailAddress
  • Response: Signed
  • Assertion Signature: Signed
  • Signature Algorithm: RSA_SHA256
  • Digest Algorithm: SHA256
  • Assertion Encryption: <Assertions can be encrypted, but unencrypted assertions will also be accepted>
  • SAML Single Logout: Disabled
  • authnContextClassRef: PasswordProtectedTransport
  • Honor Force Authentication: Yes
  • SAML Issuer ID: http://www.okta.com/<OKTA_ENTITY_ID>

Attribute Statements Details

  • NameFormat: urn:oasis:names:tc:SAML:2.0:attrname-format:uri
  • sn: user.lastName
  • givenName: user.firstName

Additional Information on configuring SAML for your Datadog account can be found here: http://docs.datadoghq.com/guides/saml/

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk