The Okta/Procore SAML integration currently supports the following features:
For more information on the listed features, visit the Okta Glossary.
Login to your Procore instance as an administrator.
Navigate to TOOLBOX > Admin:
Select ADMINISTRATIVE SETTING > Single Sign On Configuration, then enter the following:
Single Sign On Issuer Url: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
Single Sign On Target Url: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
Single Sign On x509 Certificate: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
Click Save Changes:
Optional: Contact Procore and ask them to configure Single Sign On Domain for the SP-initiated flows. Provide them with your email domain.
Important: Enabling Single Sign On Domain for the SP-initiated flows will affect all users who use this application, which means that users will not be able to sign-in through their regular log-in page. They will only be able to access the app through the Okta service. Procore does not provide backup log-in URL where users can sign-in using their normal username and password. You can contact Procore support to turn off SAML, if necessary.
Done!
The following SAML attributes are supported:
Name | Value |
---|---|
user.userName |
Open this URL: https://login.procore.com/.
Enter your Email address.
Click Continue: