How to Configure SAML 2.0 for Rockset

Contents

• Supported Features
• Configuration Steps
• Notes

---

Supported Features

The Okta/Rockset SAML integration currently supports the following features:

• SP-initiated SSO
• IdP-initiated SSO
• JIT (Just In Time) Provisioning

For more information on the listed features, visit the Okta Glossary.

---

Configuration Steps

1. Login to your Rockset admin account.

2. Navigate to Manage > Users > Access Settings:

   

3. Enter the following:

   • Rockset SAML URL: Make a copy of this value.

   • Rockset Audience URI: Make a copy of this value.

   • Single Sign-On URL: Copy and paste the following:

     Sign into the Okta Admin Dashboard to generate this variable.

   • x.509 Certificate: Copy and paste the following:

     Sign into the Okta Admin Dashboard to generate this variable.

   • User Autoprovision (OPTIONAL): Check this option to enable JIT (Just In Time) Provisioning.

   • Autoprovision Role (OPTIONAL): Select the role that will be assigned to a newly provisioned user.

   • SSO-Only Authentication (OPTIONAL): Check this option if you want Rockset only to accept SSO as an authenticator for your organization.

   • Click Enable:

   

4. In Okta, select the Sign On tab for the Rockset SAML app, then click Edit:

   • Enter your Rockset SAML URL and Rockset Audience URI values you made a copy of in step 3 into the corresponding fields.

   • Click Save:

   

5. Done!

---

Notes

The following SAML attributes are supported:

Name	Value
email	user.userName

SP-initiated SSO

1. Go to https://console.rockset.com/ , and enter your email:

   

2. Click Log In: