How do I configure Artifactory SAML SSO with Okta?

In Okta:

  1. Log in as a user with an administrator privilege
  2. Click on Add Application → Create New App → SAML 2.0
  3. Fill in App name: <desired_app_name> , click Next.
  4. In the SAML Settings fill in the following:
    Single Sign-On URL: https://${ARTIFACTORY_URL}/webapp/saml/loginResponse (e.g. https://yourcompany.jfrog.io/yourcompany/webapp/saml/loginResponse)
    Audience URI (SP Entity ID)https://${ARTIFACTORY_URL} (e.g. https://yourcompany.jfrog.io/yourcompany)
    Name ID Format: Unspecified
    Application username: Okta username (If you wish for Okta to use the part of the email address that comes before the “@” symbol as the username to log on to Artifactory, choose “Custom” instead of “Okta username” and in the “Custom Rule” fill in: ${f:substringBefore(user.email, “@”)}  – see screenshot below)

  5. Click Next and then Click Finish.
  6. A “SAML 2.0” frame will appear under the “Settings” frame
  7. Click “View Setup Instructions”
  8. Copy the data from the text boxes and paste them in Artifactory’s SAML settings 

In Artifactory:

  1. Log in as a user with an administrator privilege
  2. Click on the “Admin” tab
  3. Click on “Security” (in the left menu)
  4. Click on “SAML Integration” (in the left menu))
  5. Copy each data from Okta (from Step 8 above) and paste it in Artifactory’s as below
  6. Okta Artifactory

    Identity Provider Single Sign-On URL

    SAML Login URL

    Identity Provider Single Sign-On URL

    SAML Logout URL

    Identity Provider Issuer

    SAML Service Provider Name

    X.509 Certificate

    SAML Certificate

  7. Click Save.
  8. Logout from Artifactory and go to the Login page.
  9. Click SSO Login.


Note that when creating users in Okta, don’t forget to assign the Artifactory application for each user that will use Artifactory.