> ## Documentation Index
> Fetch the complete documentation index at: https://ngrok.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Configure Okta Single Sign-On (SSO)

> Configure Okta single sign-on (SSO) to sign in to the ngrok dashboard.

This guide explains how to use Okta as an identity provider to enable single sign-on (SSO) when signing into the ngrok dashboard.
It does not cover configuring an ngrok endpoint so [application users can log in using Okta](../endpoint-sso/okta-sso-oidc).

## What you'll need

* Admin access to create new applications in Okta.
* Admin access to edit your ngrok account settings.
* An [ngrok Pay-as-you-go account](https://ngrok.com/pricing).

## 1. Create a new SAML App Integration in Okta

* From the **Applications** menu, click **Create App Integration**.
* Select **SAML 2.0** and click **Next**.
* Give your app a name, and click **Next**.
* Enter temporary values for **Single sign on URL** and **Audience URI**, select **EmailAddress** for **Name ID format**, and then click **Next**.
  ngrok requires the username to be in email format.
* Select **This is an internal app that has been created** and click **Finish**.

## 2. Download your SAML App metadata XML

* Navigate to the **Sign On** tab on the new app and click **Actions** under the Active SHA-2 certificate.
* Click **View IdP metadata**.
* In that new window, select **Save As** from the File menu to save your `metadata.xml` file for uploading into ngrok in a later step.

## 3. Configure SSO for your ngrok account

* Log into your ngrok dashboard and navigate to **Settings > Account**.
* Click **+ New Identity Provider** to add a new identity provider.
* Add a helpful description, and then upload the `metadata.xml` file from Okta into the ngrok dashboard.
* In the Options section, select whether to allow users to log into the dashboard directly from their Okta dashboard.
* Click **Save**.
  This creates the integration and generates the required URLs for your Okta Application.

## 4. Add ngrok URLs to your Okta SAML application

* Back in your Okta account, on the **General** tab of your Okta app, click **Edit** under **SAML Settings**.
* Click **Next** on the **General Settings** tab to get to the **Configure SAML** tab.
* Replace the placeholder values with the values ngrok provided.
  Put the ngrok **ACS URL** value into Okta's **Single sign on URL** field.
  Put the ngrok **SP Entity ID** value into Okta's **Audience URI (SP Entity ID)** field.
* Click **Next**.
* Click **Finish**.

You can now log into your ngrok account using Okta.

By default, your ngrok account allows users to log in with their existing credentials as well as through Okta ("Mixed Mode").
After you verify that the integration works, enable **SSO Enforced** in the ngrok dashboard to require all new users to log in through Okta.
