How to Configure SAML 2.0 for Sentry


Supported Features

The Okta/Sentry SAML integration currently supports the following features:

Configuration Steps

  1. Sign in to Sentry as an organization owner.

  2. On the left side, click on your profile icon, then select Organization settings.

  3. Make a copy of your Organization Slug.

  4. In Okta, select the Sign On tab for the Sentry SAML app, then click Edit.

    • Scroll down to Advanced Sign-on Settings.

    • Base URL: Enter your Base URL in this format: https//example.com.

      Important: There should not be a trailing slash at the end of the URL as it will break the redirect from Okta to Sentry.

    • Enter your Organization Slug you made of copy of in step 3.

    • Select a value for the Email SAML attribute.

    • Click Save.

    Okta Sign On page, enter Organization Slug, Base URL, select a value for Email attribute

  5. Go back to Sentry, from the left menu go to Settings > Auth > Okta, click Configure:

    In Sentry: Settings > Auth > Okta, then click Configure

  6. On the Register Okta page enter the following into the Metadata URL field, then click Continue:

    Sign into the Okta Admin dashboard to generate this value.

    In Sentry: On the Register Okta page, enter Okta-generated Metadata URL, click Continue

  7. You will be redirected back to Okta. After successful authentication the following message will appear:

    You have successfully linked your account to your SSO provider.
    SSO has been configured for your organization and any existing members have been sent an email to link their accounts.
  8. You will be directed to the Okta Authentication page, enter the following:

    • Make a copy of your Login URL. You will need it for SP-initiated SSO.

    • (Optional) Scroll to the bottom and ensure that Require SSO is checked if you want to enforce logging in with Okta. Unchecking this will allow users to login with their normal username and password.

    • Select a Default Role for new SSO users. Selecting Member should cover most use-cases.

    • Click Save Settings.

    Configure Okta in Sentry

  9. Done!


The following SAML attributes are supported:

Name Value
email Either user.userName or user.email
firstName user.firstName
lastName user.lastName
identifier user.id

SP-initiated SSO

  1. Go to the Login URL you made a copy of in step 8.

  2. Click Login with Okta.