Settings
Set up Single Sign-On (SSO) with Okta
Step-by-step guide to configure Okta SAML 2.0 Single Sign-On (SSO) for Maxim AI.
Enable enterprise-grade Single Sign-On with Okta to centralize authentication, improve security, and streamline access to Maxim AI.
Overview
This guide walks you through configuring Okta as the Identity Provider (IdP) for Maxim AI using SAML 2.0. You will:- Create a SAML 2.0 app in Okta
- Configure SAML settings and attributes
- Assign users and groups
- Upload Okta metadata to Maxim AI and test SSO
Prerequisites
- Okta administrator access
- Maxim AI admin access
- SAML-based Single Sign-On (SSO) enabled for your plan. Check plans for more details.
Step-by-step setup
1
Create a SAML 2.0 application in Okta
In Okta Admin Console, go to Applications → Applications and click “Create App Integration”
2
Configure sign-in method
Select “SAML 2.0” and click “Next”
3
Application details
Enter an app name (e.g., “Maxim AI”) and optionally upload an icon
4
Configure service provider details
In the SAML settings:
- Single sign-on URL (ACS URL):
https://app.getmaxim.ai/api/oauth/saml - Audience URI (Entity ID):
www.getmaxim.ai - Name ID format: EmailAddress
- Application username: Email
- email → user.email
- firstName → user.firstName
-
lastName → user.lastName
5
Support settings
In Okta, leave the default support contact settings unless your org requires custom values, then click “Next”.
6
Copy IdP metadata URL
Copy the IdP metadata URL from the Sign On tab of your Okta app
7
Upload IdP metadata to Maxim
- Log in to Maxim AI, go to Settings → Single sign-on, and click “Add identity provider”
- Enter your email address domain as the tenant identifier
- Enter “Okta” as the name for the identity provider
- Paste the IdP metadata URL and click “Add provider”
8
Assign users and groups
- In the Okta app, open the Assignments tab
- Assign People and/or Groups who should access Maxim AI
- Confirm users have valid email addresses matching their Maxim AI accounts