The DatoCMS Blog

SSO Okta integration is online!

Posted on November 11th, 2019 by Massimiliano Palloni

As your project scales and your organization grows, it’s hard to balance security and productivity. Your team has to manage too many applications, users, and devices without risking security breaches or wasting a massive amount of time. That’s why single sign-on (SSO) services are becoming a must: they eliminate multiple passwords, help user management, and grant secure access to all the applications. When enterprises implement a quality SSO solution, it adds security, improves usability, and saves time and money for the IT department. That's why we have worked to ensure that your identity provider is compatible with DatoCMS thanks to our new SAML 2.0 + SCIM 2.0 implementation.

DatoCMS is now compatible with all the best-known identity providers on the market. Still, today, we want to talk specifically about the integration with Okta, one of the most popular and complete access management platforms on the market.

How it works

When a user tries to access an SSO-enabled project or the administration console, the system checks whether it has an open session in Okta. Otherwise, the user is asked to enter his credentials to access all the protected resources for a time. You can read more about DatoCMS’ SSO Authentication process in our guide.

What can you do with Otka on DatoCMS?

We support all the provisioning features you expect straight from Okta. For example, creating a new user in Okta and assign them to the DatoCMS application will also create a new user in DatoCMS. In the same way, you can deprovision a user from Okta an automatically deny his access to DatoCMS.

You can also import existing DatoCMS users in Okta, converting them into SSO users.

And then sync them in Okta.

You can also update user attributes, deactivate, and reactivate user’s access to DatoCMS within Okta in a matter of seconds.

The integration with Okta also allows you to leverage the group feature to assign different roles in DatoCMS to provisioned users.

For a complete list of features and a step-by-step configuration guide, check our documentation here.