Okta SAML 2.0 Single Sign On Guide

Use this page as your go-to resource for configuring SAML 2.0 for Lola with Okta.



  1. Supported Features
  2. Configuration Steps

Supported Features

The Okta/Lola SAML integration currently supports the following features:

  • SP-initiated SSO
  • IdP-initiated SSO
  • JIT (Just In Time) Provisioning
  • For more information on the listed features, visit the Okta Glossary

Configuration Steps

In Okta, select the Sign On tab for the Lola SAML app and scroll down to the ADVANCED SIGN-ON SETTINGS section:

Enter ACS URL and Audience URI values, set Application username format: select email


  • Find the “Identity Provider Metadata”

2. Log into Lola and head to “Manage”

  • Under the “Settings” tab, go to “Integrations.” Scroll down until you see the “SAML SSO” tile.

    Screen Shot 2020-05-04 at 11.29.00 AM
  • Copy the values from Okta’s “Identity Provider Metadata” and enter them into Lola

Screen Shot 2020-05-04 at 11.29.17 AM
Note: When copying and pasting values from the metadata url, do not include the opening and closing tags, or the quotes around the url.

image (11)

Image from iOS (13)
  • Enter Lola’s values (ACS URL, Audience URI) from the wizard into Okta’s “Advanced Sign-on Settings” field

  • For the application username format, select “Email.”

  • Click Save, and you’re all set!



All done!