Okta

Configure SAML for Gearset

Single Sign-On (SSO) lets your team sign in to Gearset using Okta as the identity provider (IdP). If you’re already signed in to Okta, you don’t need to enter your email or password again when you sign in from Gearset.

Contents

Prerequisites

Supported features

Gearset supports the following features when integrated with Okta:

Configuration steps

Follow these steps to configure SAML for Gearset.

Retrieve Gearset values

To complete the setup in Okta, obtain the unique SAML Organization ID from the Assertion Consumer Service (ACS) URL from your Gearset account.

  1. Sign in to Gearset and go to My Account > Single Sign-On.
  2. Locate the ACS URL within your Gearset SAML configuration settings. For example: https://app.gearset.com/saml/********************************/callback.
  3. The segment of the URL between /saml/ and /callback is your unique SAML Organization ID.
  4. Copy this ID and store it securely; it is necessary to complete the Okta configuration.

Configure the Gearset app in Okta

Follow these steps to activate the integration within your Okta tenant.

  1. Sign in to the Okta Admin Console.
  2. Go to Applications > Applications.
  3. Click Browser App Catalog.
  4. Search for Gearset and click Add Integration.
  5. On the General Settings tab, enter the values that you obtained in the previous step.
  6. Optional. Enter an Application label.
  7. Enter the Gearset org ID in the Unique SAML Organization ID field.
  8. Click Done.
  9. Go to the Authentication tab and copy the following values from the SAML 2.0 section:
    • Issuer ID
    • Single Sign-on URL
    • SAML Signing Certificates

Configure SSO in Gearset

To complete the SSO configuration in Gearset, follow these steps:

  1. Sign in to Gearset and go to My Account > Single Sign-On.
  2. On the SAML authentication page, configure the following:
    • SAML ID: Create a unique team ID (e.g., yourcompany-gearset). This ID will be used as part of your custom sign in URL.
    • Issuer ID: Paste the Issuer ID from the Okta Sign on tab obtained in the previous step.
    • Identity Provider Single sign-on URL: Paste the sign-on URL from the Okta Sign on tab obtained in the previous step.
    • Active Signing Certificate: Open the downloaded certificate in a text editor and copy the full contents (including the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines).
  3. Click Save configuration.

Verify SP-initiated SSO

SP-initiated SSO allows users to sign in to Okta directly from Gearset. This is the most common way for users to access the platform. There are two ways to perform this:

Sign in through Gearset

  1. Go to your Gearset sign-in page.
  2. Select SAML SSO / Identity Provider.
  3. Enter the SAML ID which was created in the previous step.
  4. Click Log in.
  5. You’re directed to a confirmation page; click Continue.
  6. Enter your Okta credentials on your company's sign-in page.
  7. After verification, you’re signed in to your Gearset dashboard.

Sign-in with a SAML SSO link

  1. Use the Login URL found in the SAML SSO configuration section (e.g., https://app.gearset.com/saml/yourcompany-gearset/login).
  2. Open the Login URL in your browser.
  3. You’re directed to the confirmation page prompting you to authenticate Okta tenant. Click Continue on the confirmation page.
  4. You’re redirected to your company’s Okta sign-in page. Enter your Okta credentials.
  5. After verification, you’re signed in to your Gearset dashboard.

Notes: