Skip to main content
Artie supports single sign-on to your dashboard via OIDC. If you are using Okta, we have provider specific documentation for setting up SSO. If you are using another provider, just contact us!
You need to be your company’s Okta and Artie admin to set this up
1

Create an Artie Okta application

To create an app, please do the following:
  1. Log in to your Okta admin dashboard
  2. Go to Applications > Applications
  3. Click “Create App Integration”, select “OIDC - OpenID Connect”, and pick “Web Application”
2

Fill in the form with the following values

  • Application Name: Artie
  • Grant type: Only “Authorization Code” should be selected
  • Sign-in redirect URIs: https://api.artie.com/sso/okta/callback
  • Sign-out redirect URIs: https://api.artie.com/logout
  • (Optional) If you want to enable Artie as an Okta tile app. You can also specify https://api.artie.com/sso/okta/login as the “Initiate login URI”
3

Retrieve your credentials

  • Client ID
  • Client secret
  • Okta domain (You can get this from the top right navigation bar) Client ID and secret Retrieving your Okta domain

Provisioning users (SCIM)

Artie supports automatic provisioning and deprovisioning users from Okta via SCIM integration (beta) — for access to this feature, contact us!
This integration is used for provisioning only. Artie does not support SAML/SWA login through this SCIM app.To enable SSO, you must configure a separate SSO application in Okta.
1

Create SCIM API key in Artie

In Artie, Settings > Authentication, create a new API key with the SCIM API key type.
Create Artie SCIM API Key
Copy and securely store the key. You will use it during Okta configuration.
Copy Artie Scim Secret Key
2

Create an Artie Okta SCIM application

Add the Oauth Bearer Token Governance with SCIM 2.0 integration to your Okta tenant.
1

Installation

On the General Settings page:
  • Set the Application label (for example: Artie SCIM).
  • Under Application visibility, uncheck Display application icon to users
    This application should not be visible to end users because it does not support login.
2

Configure sign-on settings

On the next page:
  • Ignore most SAML and SWA fields, as the integration does not support login.
  • Under Credentials Details:
    • Set Application username format to Email
Click Next.
3

Configure SCIM application

Open the newly created application and complete the following:
1

Configure SCIM provisioning

  • Navigate to the Provisioning tab.
  • Click Configure API Integration.
  • Check Enable API integration
  • Configure the following:
    • Base Url: https://api.artie.com/scim/v2
    • OAuth Bearer Token: Paste the SCIM API key generated in Step 1.
    • Import Groups: Leave unchecked, as Artie’s SCIM integration does not support groups.
  • Click Test Integration, then Save.
2

Enable SCIM provisioning

  • In the Provisioning tab, select To App.
  • Click Edit.
  • Enable:
    • Create Users
    • Deactivate Users
  • Click Save.
4

Assign users to Artie.

  • Navigate to the Assignments tab.
  • Click Assign.
  • Assign users or groups to the application.
Assigned users will be automatically provisioned to Artie with normal permissions.

Configuring this on Artie

Once you have gathered the information from above, go to the settings page in your Artie dashboard. Under “Authentication”, you can click “Configure Okta SSO”. Once all the necessary information is filled out, users can now log in through Okta SSO.

Questions

To log in through SSO, users would:
  1. Go to the SSO login screen
  2. Enter their company email address
  3. If matched, an email will be sent to the user to log in
  4. It will prompt them to log in through their configured IDP
  5. They will then be redirected and authenticated into Artie