How do I configure Okta as a SAML IdP?

It's recommended that you set up Datadog as an Okta app manually, as opposed to using a 'preconfigured' configuration.

General Details

  • Single Sign On URL:
  • Recipient URL:
  • Destination URL:
  • Audience Restriction:
  • Default Relay State: <not required/leave blank>
  • Name ID Format: EmailAddress
  • Response: Signed
  • Assertion Signature: Signed
  • Signature Algorithm: RSA_SHA256
  • Digest Algorithm: SHA256
  • Assertion Encryption: <Assertions can be encrypted, but unencrypted assertions will also be accepted>
  • SAML Single Logout: Disabled
  • authnContextClassRef: PasswordProtectedTransport
  • Honor Force Authentication: Yes

Attribute Statements Details

  • NameFormat: urn:oasis:names:tc:SAML:2.0:attrname-format:uri
  • sn: user.lastName
  • givenName: user.firstName

Additional Information on configuring SAML for your Datadog account can be found here:

Have more questions? Submit a request


Please sign in to leave a comment.
Powered by Zendesk