Okta Single-Sign-On

This document describes how to integrate Optimove with Okta’s identity provider system, to implement a SAML-based Single-Sign-On flow in Optimove.

Follow these instructions to prepare your Okta account for integration with Optimove.

Setting Up the Integration in Okta

  1. Create a user in Optimove.
  2. Create a user in Okta.
  3. Log in to your Okta account as admin.
  4. From the Okta dashboard, click Admin to reach the Admin Dashboard.
  5. Go to the Applications tab.
  1. Click Add Application.
  1. Click Create New App. The Create a New Application Integration window opens:
  1. Set Platform to: Web.
  2. Set Sign on method to: SAML 2.0.
  3. Click Create.
    Now, in the Application window:
  4. Set App name to: Optimove Site.
  5. Upload the Optimove logo (Optional).
  1. Click Next.

In the below steps, please replace XXX with the name of your Optimove site - XXX.optimove.net;
make sure to use lower-case letters

  1. Set Single sign-on URL to: https://optimove-production.eu.auth0.com/login/callback?connection=XXX-okta
  2. Set Audience URI (SP Entity ID) to: urn:auth0:optimove-production:XXX-okta
  3. Set the Application username to: Email
  1. Add the following Attribute Statements:


    • Name: email
    • Name format (optional): Unspecified
    • Value: ${user.email}


    • Name: email_verified
    • Name format (optional): Unspecified

    The Email_verified attribute refers to the method of verification for email addresses used in your Okta profile. You must provide Optimove with the email verification attribute name and format used for verification. If email verification is not available or is not in use in your Okta profile, use the constant value “true” instead of the attribute value.


    • Name: email_verified
    • Name format (optional): Unspecified
    • Value: true

  2. Click Preview the SAML Assertion to generate XML and verify that your settings are

  3. Click Next.

  4. In the next window, answer the "Are you a customer or partner?" question by selecting "I'm an Okta customer adding an Internal app".

  5. Click Finish.

  1. Once you have completed the above configuration, click on the Sign On tab.
  2. Click View Setup Instructions.
  1. From the next window, copy the following values generated by Okta:
    • Identity Provider Single Sign-On URL
    • The X.509 Certificate file (click Download certificate)

Please use the Information you copied (Login URL and SAML certificate in .PEM or .CER format only) and share it with the Optimove team in the following form- https://run.ply.io/run/O3mR1BE5 This will open a ticket for the Optimove team.

Optimove will notify you once the configuration is ready and schedule a date to turn on the SSO connection.
Optional – You may add test user credentials in the form; this test user should be created by you in both Optimove and Okta with Optimove as the assigned application; this user will be used to test the integration by the Optimove team.