Contents x
Set up SSO for Okta
    • Print
    • Dark
      Light
    Contents

    Set up SSO for Okta

      • Print
      • Dark
        Light
      Article summary

      This feature is currently in Private Preview.

      For more information about getting started, see Manage B2 Cloud Storage at Scale: Enterprise Web Console.
      For questions after implementation, contact the Product Team.

      You can use SSO independently of SCIM by leveraging just-in-time (JIT) provisioning. If SCIM is not available, you can still enable SSO on its own. When users sign in using SSO, their account attributes are automatically imported into the enterprise web console.

      Create a Custom Okta App

      1. Sign in to your Okta administrator console.
      2. In the left navigation menu under Applications, select Applications.
      3. Click Create App Integration.
      4. Select OIDC - OpenID Connect, select Web Application, and click Next.
      5. Enter a name for your application (for example, Backblaze SSO).
      6. In the Sign-in redirect URIs field, enter https://secure.backblaze.com/api/bz_oauth_sso_callback.
      7. In the Sign-out Redirect URIs field, enter https://secure.backblaze.com/user_signin.htm.
      8. In the Controlled Access field, select Skip Group Assignments for now.
      9. Copy the following values:
        • OIDC Issuer: This is the base URL of the Okta admin section (for example, https://dev-41081934-admin.okta.com/).
        • Client ID: This is the public identifier for the client (for example, 0oano6eeovVXjrmeM5d7).
      10. In the Client Secrets field, click Generate new secret and copy the value (for example, g2xm5ef1u3mn9OBLvfEFvE2Zrnj5fg0).

      Configure SSO in the Enterprise Web Console

      1. Sign in to your Backblaze organization.
      2. In the left navigation menu under Access Control, select Org Users.
      3. Select the Identity Provider tab.
      4. Click Set up SSO.
      5. Enter the OIDC Issuer, Client ID, and Client Secret that you copied in the "Create a Custom Okta App" task.
      6. Click Save.

      Assign Users to SSO

      1. Sign in to your Okta administrator console.
      2. In the left navigation menu under Applications, select Applications.
      3. Select your application (for example, Backblaze SSO).
      4. Click Assign, select Assign to People.
      5. Search for and select a user or a group of users, and click Assign.
      6. At the bottom of the user profile, click Save and Go Back.
      7. Click Done.

      Users can now sign in to the organization.

      Remove Users from SSO

      1. Sign in to your Okta administrator console.
      2. In the left navigation menu under Applications, select Applications.
      3. Select Backblaze SSO.
      4. Click X next to the user or group, and click OK.

      Rotate an SSO Key

      1. Sign in to your Okta administrator console.
      2. In the left navigation menu under Applications, select Applications.
      3. Select Backblaze SSO.
      4. In the General tab under CLIENT SECRETS, click Generate new secret.
      5. Repeat the steps in the "Configure SSO in the Enterprise Web Console" task.
      Was this article helpful?
      Related articles
      What's Next