# SAML with Okta
{% hint style="info" %}
This process can only be fully achieved in collaboration with our team.
Exact instructions are provided in the impacted sections below where this exchange of information is required.
{% endhint %}
## Create a new SAML application in the Okta Admin Console
1. Sign-in to your Okta Admin Console.
2. On the sidebar, navigate to **Applications** -> **Applications**
3. On the main view, click "Create App Integration" button
Create SAML Application
4. In the Modal Dialog, select **SAML 2.0** and click **Next**
Select App Integration type
## Configure SAML Application
### Under the General Settings tab
1. Choose a name of the connection (that name will appear on your Okta apps)
2. Add application logo (optional)
3. Click **Next**
### Under the Configure SAML tab
1. **Single sign-on URL** set [https://auth.rely.io/login/callback/login/callback?connection={CONNECTION\_NAME}](https://auth.rely.io/login/callback/login/callback?connection=okta-saml-prod-viktor)
{% hint style="info" %}
Note
We will provide you with a {CONNECTION\_NAME}. To get it, use one of our dedicated channels:
* Direct outreach to your dedicated Customer Success Manager
* In Slack via your Dedicated Channel (for Enterprise customers)
* Via your in-product chatbot
* Via email to
{% endhint %}
2. **Audience URI (SP Entity ID)** set `urn:auth0:relyio:{CONNECTION_NAME}`
3. Scroll down to the **Attribute Statements** section:
1. Add an attribute statement for [`https://app.rely.io/email`](https://app.rely.io/email) with **Value** set to `user.email`
4. Click **Next** and then **Finish** to create the application.
Set SSO Url and Audience
### Share the Sign on URL and X509 Certificate with Rely.io
To secure the SAML connection, share a certificate with Rely and the Sign-in URL
{% hint style="info" %}
You can share the data using one of our dedicated channels:
* Direct outreach to your dedicated Customer Success Manager
* In Slack via your Dedicated Channel (for Enterprise customers)
* Via your in-product chatbot
* Via email to
{% endhint %}
#### Share the Sign on URL with Rely.io
1. Navigate to the previously created SAML application
2. Select the **Sign On** tab
3. On **Metadata details,** click **More details** to expand the Sign-on URL
4. Copy the **Sign-on URL** and share it with Rely
Copy Single Sign-On url
### Share X509 Certificate with Rely
1. Scroll down to find the **SAML Signing Certificates** section.
2. Generate a new certificate via the **Generate new certificate** button
3. Find the **Active** certificate and click **Actions**
4. Click **Download certificate**
5. Share the certificate with Rely
Generate and download certificate
There you go! You can now use Single Sign-on with Okta and Rely.io.
## Sync Okta Groups with Rely (Optional)
You can expose Okta groups with the Rely app. This will allow your Rely users to have their Okta groups in sync with Rely teams. Follow the steps below to expose Okta groups:
1. In the Okta Admin Console, navigate to **Applications** and select the newly created SAML application.
2. Select the **General** tab
3. Scroll down to **SAML Settings -> Edit**
4. At the **Configure SAML** tab, scroll down to **Group Attribute Statements (optional)**
5. Add **groups** as names, and **filter: Matches regex: `.*`**
6. Save
When your users log in to Rely using this SAML connection, the user's groups will be imported into Rely as teams out of the box, allowing your users to communicate, share resources and manage tasks efficiently within a group.
