Scenario
You use Okta as your identity provider and want employees to sign in to PlusPlus with their Okta credentials.
Solution
Setup has two halves: register the PlusPlus app in Okta, then enable the integration in PlusPlus.
Register in Okta
Install the PlusPlus app from the Okta Integration Network (OIN) and assign it to the appropriate users or groups.
Enable in PlusPlus
Go to System Settings > Security. In the Single Sign On (SSO) section, enable Okta SSO.
In the SAML Settings panel, fill in Core SAML Settings using values from your Okta app:
Issuer URL
SAML endpoint
X.509 certificate
Once saved, an Okta SSO button appears on the PlusPlus login page. Changes to SAML settings take effect immediately; no service restart is required.
This pre-set integration uses the default attribute mapping:
PlusPlus attribute | Okta attribute |
First name | First Name |
Last name | Last Name |
Profile picture | Picture |
If you need to map different Okta attributes β or any of the other Custom SAML Settings β configure Okta as a Custom SAML Provider instead.
Go deeper
When to use Custom SAML instead
The pre-set Okta integration uses only the Core SAML Settings β three values from your Okta app. If you need any of the additional configuration that lives in the Custom SAML Settings section (custom attribute mapping, authentication context classes, authentication context comparison, login button label, or color), configure Okta as a Custom SAML Provider instead. See SSO Integration: A Custom SAML Provider.
Provisioning
The Okta SSO integration handles authentication only. For automated user provisioning and deprovisioning via Okta, configure SCIM separately β see People Integration: SCIM. Account attributes beyond those carried in the SAML assertion (job title, manager, department, custom attributes) are provided by a People Integration method, not by SSO.