Skip to main content

Integration guide

Okta Single Sign-On

Allow your team to sign in to Gjall using your company's Okta account. Enterprise teams can provision access centrally and enforce MFA through their existing Okta policies.

Prerequisites

  • Admin access to your Okta organization
  • Gjall Pro or Enterprise plan
  • Your Okta domain (e.g. yourcompany.okta.com)

Step 1 — Create an Okta OIDC app

1
Log in to your Okta Admin Console at your-org.okta.com/admin
2
Go to Applications Create App Integration
3
Select OIDC – OpenID Connect as the sign-in method, then choose Web Application as the application type. Click Next.
4
Configure the app:
  • App integration name: Gjall
  • Sign-in redirect URI: https://gjall.io/api/auth/callback/okta
  • Sign-out redirect URI: https://gjall.io
5
Under Assignments, choose which groups or users can access Gjall. Click Save.
6
From the app's General tab, copy:
  • Client ID
  • Client Secret (click Show)

Step 2 — Configure in Gjall

1
Go to Settings → Integrations in your Gjall dashboard.
2
Under Okta Single Sign-On, enter:
  • Okta domain (e.g. yourcompany.okta.com)
  • Client ID from the Okta app you created
  • Client Secret from the Okta app
3
Click Connect Okta SSO. Gjall will validate your Okta domain before saving.

Step 3 — Test the sign-in flow

1
Sign out of Gjall.
2
Go to gjall.io/login/sso and enter your company domain or email.
3
You should be redirected to your Okta login page. After authenticating, you'll land on the Gjall dashboard.

Note:The first sign-in via SSO will use your existing Gjall account (matched by email). If the email doesn't match an existing account, you'll be redirected to create one.

Ready to set up?

Head to Settings to configure Okta SSO for your team.

Open Settings →