Configure SAML for Twilio

Single Sign-On (SSO) lets your team sign in to Twilio using Okta as the identity provider (IdP). If you’re already signed in to Okta, you don’t need to enter your email or password again when you sign in from Twilio.

Contents

• Prerequisites
• Supported features
• Configuration steps
• Verify SP-initiated SSO

---

Prerequisites

• Admin access to your Twilio org.
• An Okta admin role that has permission to manage apps.

---

Supported features

Twilio supports the following features when integrated with Okta:

• SP-Initiated SSO: Users can sign in directly from Twilio.
• IdP-Initiated SSO: Users launch Twilio from the Okta End-User Dashboard.

---

Configuration steps

Follow these steps to configure SAML for Twilio.

Retrieve Twilio values

To complete the setup in Okta, you must first obtain the Connection ID from your Twilio account.

1. Locate Your Connection ID

   The Connection ID is a unique alphanumeric identifier for your specific Twilio environment.

   • Sign in to your Twilio account.
   • Go to Admin > Organization and select Twilio Admin.
   • Select Single sign-on and create a new SSO Profile.
   • Copy the value in the Entity ID field. For example, urn:console:’Connection ID”.

Configure the Twilio Cloud app in Okta

Follow these steps to activate the integration within your Okta tenant.

1. Add the Twilio app from the OIN
   • Sign in to the Okta Admin Console.
   • Go to Applications > Applications.
   • Click Browse App Catalog.
   • Search for Twilio and click Add Integration.
2. Configure general settings
   • Go to the General settings tab.
   • Optional. Enter an Application label.
   • Enter the Connection ID from Twilio.
   • Click Done.
3. Select the sign-on method
   • Go to the Authentication tab.
   • Under Sign-on methods, select SAML 2.0.
4. Assign users to the app
   • Click the Assignments tab.
   • Click Assign > Assign to People (or Groups).
   • Select the users who require access. Click Save, and then click Go Back.
5. Add metadata through manual IdP configuration
   • In the Okta Admin Console, go to Applications > Applications.
   • Search for and select the Twilio app.
   • Go to the Sign On tab and click View SAML setup instructions.
   • Copy the following values:
     • Identity Provider Issuer
     • Identity Provider Single Sign-On URL
     • X.509 Certificate
   • In the Twilio Admin, Select Single sign-on and select the previously created SSO Profile.
   • Under the Configure Identity Provider’s metadata into Twilio section, select Enter Details Manually.
   • Paste the values copied from Issuer ID/URL, Single Sign-On URL, and X.509 Certificate Public Key.
   • Click Save & Continue.
   • To test the connection, select an existing domain or create a new one.
   • To ensure a successful Single Sign-On (SSO) login, the user must be assigned to the Twilio app.

For additional information on configuring SSO with a different SAML 2.0 Identity Provider, refer to the Twilio documentation.

---

Verify SP-initiated SSO

SP-initiated SSO allows users to sign in to Okta directly from Twilio.

Access the SSO sign-in page

1. Go to your Twilio sign-in page (for example, https://www.twilio.com/login).
2. Enter the Email Address that's assigned to the Twilio app.
3. Click Submit. Your Okta sign-in page opens.
4. Enter your Okta credentials. If the credentials are correct, you're signed in to your Twilio dashboard.