Skip to content
English
  • There are no suggestions because the search field is empty.

Setup Single Sign-On (SSO) with Okta for your Avoma accounts

Use Avoma's SSO with Okta for streamlined access management and unified login experience for your users

Introduction

Single sign-on (SSO) is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials. SSO works based upon a trust relationship set up between an application, known as the service provider, (in this case Avoma) and an IDP (identity provider), like Okta, Azure AD, One Login etc.

Single Sign-On (SSO) is a feature that is available only on select subscription plans. To confirm whether your organization qualifies for this feature, please visit the pricing page before requesting its activation.

 

This help article documents the process of setting up SSO with Okta using the Open ID connect (OIDC) protocol or SAML 2.0 protocol for your Avoma account.

Disclaimer : 
Please note that after SSO is enabled for your account, users will only be able to log in using SSO. Other authentication methods, such as Log in with Google/Microsoft, will no longer be functional.

While we recommend Okta Open ID Connect (OIDC) as the preferred authentication protocol for SSO with Avoma, we also support SAML 2.0 authentication protocol. 

  1. Setting up SSO for Avoma with Okta OIDC
  2. Setting up SSO with Okta SAML 2.0

You can choose either ways to setup SSO. 

Setting up SSO for Avoma with Okta OIDC

Setting up SSO for Avoma with Okta OIDC is a two step process.

  1. Create an Avoma app in Okta with OIDC option
  2. Provide details to set up Okta OIDC in Avoma.

Step 1 : Create an Avoma app in Okta

Prerequisite : You must be an admin in Okta to be able to set up Avoma app in Okta for SSO

  1. Log in to your Okta account > Admin > Applications section.
    Screenshot 2025-08-23 at 12.02.01 PM


  2. Click on Create App Integration
    Screenshot 2025-08-23 at 12.03.30 PM
  3. Select "OIDC" as the Sign-In Method and "Web Application" as the Application Type. Then click on the "Next" button.

    Screenshot 2025-08-23 at 12.14.56 PM
  4. In the General settings, enter "Avoma (OIDC)" as the App integration name and select “Authorisation Code“ as the grant type. 
    Screenshot 2025-08-23 at 12.16.41 PM

  5. In the Login section,
    1. Enter https://app.avoma.com/okta/oidc in the Sign-in redirect URIs field.
      If you also use mobile app , Add additional URI  "com.avoma:/callback" in the Sign-in redirect URIs field
    2. Enter https://app.avoma.com/login in the Sign-out redirect URIs field


    Screenshot 2025-08-23 at 12.19.26 PM

  6. In the controlled access section, choose “Skip group assignment for now
    Screenshot 2025-08-23 at 12.20.30 PM
  7. Click Save. A custom OIDC Okta app will be created. Continue to configure the app and assign users to it.
  8. Make note of the Client credentials - Client ID and Client Secret.
  9. Go back to the new app and  look for the LOGIN in the General tab.
  10. In the “Login initiated by” section, select “Either Okta or app”.
  11. For Application Visibility, select “Display application icon to users“
  12. For Login flow, select Redirect to app to initiate login (OIDC Compliant).
  13. For Initiate login URI, enter: https://app.avoma.com/oidc/login
    Screenshot 2025-08-23 at 12.07.08 PM
  14. Click Save.
  15. Click the Sign On tab and go to the Open ID Connect ID Token section.
  16. For the Issuer URL, select Okta URL. Make a note of it. The URL usually appears in the following format: https://<companyname>.okta.com.

    Screenshot 2025-08-23 at 12.33.12 PM
  17. Now go to the Assignments tab and assign the app users and/or groups that should have access to Avoma.
    Screenshot 2025-08-23 at 12.33.54 PM

Step 2: Set up Okta OIDC in Avoma

Currently, Avoma sets up an SSO on your behalf for your organization. Please contact Avoma Support or your Customer Success Manager and provide the following details:

  1. Client ID
  2. Client Secret
  3. Issuer URL

Once Avoma has configured SSO for you, you will receive a confirmation. Avoma will also terminate the existing sessions for all your users so that they can freshly log in using SSO.

Your users can then start using the SSO option on the Avoma login screen to access their accounts. 


 

Setting up SSO with Okta SAML 2.0

Setting up SSO for Avoma with Okta SAML is a two step process.

  1. Create an Avoma app in Okta with SAML 2.0 option
  2. Provide details to set up Okta SAML SSO in Avoma.

Step 1 : Create an Avoma app in Okta with SAML 2.0 option

Prerequisite : You must be an admin in Okta to be able to set up Avoma app in Okta for SSO

  1. Log in to your Okta account > Admin > Applications section.
    Screenshot 2025-08-23 at 12.02.01 PM
  2. Click on Create App Integration
    Screenshot 2025-08-23 at 12.03.30 PM
  3. Select "SAML 2.0" as the Sign-In Method and "Web Application" as the Application Type. Then click on the "Next" button.
  4. Enter the App Name on the next screen and hit Next. 
    Screenshot 2025-08-23 at 12.36.32 PM
  5. In the SAML settings section , enter "https://prod-api.avoma.com/saml2/acs" in the Single sign-on URL and enable the checkbox . 
  6. In the Audience URI and Default Relay state enter "https://app.avoma.com" . 
  7. Select "Email Address" for the Name ID format  ,
  8. Select "Email" for Application User Name
  9. Select  "Create and Update" for Update Application Username on setting. 
    Screenshot 2024-08-05 at 3.02.40 PM
  10. In the Attribute Statements section, enter values as shown below
  11. Scroll down to click Next.
  12. Select "It's required to contact vendor to enable SAML" and click Finish. 
    Screenshot 2025-08-23 at 12.39.50 PM

  13. Your SAML app creation is complete. You will be shown a screen with details about the Metadata URL and Issuer. Copy the Metadata URL and Issuer. 

  14. Now go to the Assignments tab and assign the app users and/or groups that should have access to Avoma.
    Screenshot 2025-08-23 at 12.42.22 PM

Step 2: Provide details to set up Okta SAML SSO in Avoma

Currently, Avoma sets up an SSO on your behalf for your organization. Please contact Avoma Support or your Customer Success Manager and provide the following details:

  • Metadata URL copied in Step 1
  • Issuer copied in Step 1

Once Avoma has configured SSO for you, you will receive a confirmation. Avoma will also terminate the existing sessions for all your users so that they can freshly log in using SSO.

Your users can then start using the SSO option on the Avoma login screen to access their accounts.