How to Configure SAML 2.0 for Retool

Contents

• Supported Features
• Configuration Steps
• Notes

---

Supported Features

The Okta/Retool SAML integration currently supports the following features:

• IdP-initiated SSO
• SP-initiated SSO

For more information on the listed features, visit the Okta Glossary.

---

Configuration Steps

1. Work with the Retool support team in order to enable SAML 2.0 for your Retool instance.

2. You will need the following Okta metadata is required to configure SAML authentication:

   Sign into the Okta Admin dashboard to generate this value.

3. Done!

---

Notes

• Make sure that you entered the correct value in the Retool Domain field under the General application tab in Okta. Using the wrong value will prevent you from authenticating via SAML to Retool.

• The following SAML attributes are supported:

  Name	Value
  firstName	user.firstName
  lastName	user.lastName
  email	user.email

SP-initiated SSO

1. Open the following URL: https://[yourRetoolDomain]/auth/login

2. Click Sign in with SAML: