Configure SAML 2.0 for Toggl
This guide provides instructions on configuring SAML 2.0 Single Sign-On (SSO) for the Toggl app.
Contents
Supported features
Toggl supports the following features:
- SP-initiated SSO
- IdP-initiated SSO
Prerequisites
- Ensure that you have an Okta admin role with permission to manage apps.
- Ensure that you have Organization Admin access to your Toggl org.
- Ensure that you have a Toggl Premium or Enterprise license.
- Retrieve your SSO_ID from Toggl. Set up your SSO profile in Toggl (see the Toggl SSO Setup Guide) and go to the Integration Details section. Copy the numerical ID at the end of the ACS URL field. This is your SSO_ID (for example, if your ACS URL is
https://accounts.toggl.com/api/sso/acs/123, your SSO_ID is 123).
Integrate the app in Okta
Configure the app in Okta
- In the Admin Console, go to Applications > Applications.
- Click Browse App Catalog.
- Search for and select the Toggl app.
- Click Add Integration.
- On the General Settings tab, enter the SSO_ID you retrieved from Toggl. Click Done.
- On the Sign On tab, under Sign-on methods, ensure SAML 2.0 is selected. Set the Application Username format to Email. Click Save.
- Go to the Assignments tab. Click Assign > Assign to People (or Assign to Groups). Select the users or groups who need access. Click Save and Go Back, and then click Done.
The integration doesn't work for users until you assign them to the app in Okta.
Verify SP-initiated SSO
Go to the Toggl sign-in page. Enter the email address assigned to the Toggl app in Okta. Click Log in with SSO. You're redirected to the sign-in page for your org. Enter your Okta credentials. You're signed in to Toggl.