Okta SSO - manual integration guide (recommended)
Create your manual integration in Okta
Here are the parameters for the integration:
Sign-in method: OIDC
Application type: Web Application
App integration name: You are free to name the integration, e.g. “ellie.ai”
Logo: You are free to add a logo as well
Grant type: Check Authorization Code only
Sign-in redirect URIs:
Sign-out redirect URIs: leave empty
Trusted Origins: leave empty
Assignments: Limit access to selected groups
Select the groups you want to grant access to ellie.ai. Make sure to share with us the list of group names and their respective roles. For example: members of the “ellie-read” group should be granted the read role in ellie.ai.
Then once the integration is created, go to the Sign On tab and configure the group claim filter.
Make sure the filter will allow the group names you want to assign roles to.
You can now set up your Okta SSO in Ellie Admin Settings!
Configuring the integration in Ellie Admin Tools
To configure Okta SSO, log in to your Ellie environment as an Admin user and go to Admin Tools → Metadata & SSO → Turn Okta On to start the Okta setup. See the example below:
For your “Okta configuration” you’ll need the following information:
Client ID
Client secret
Issuer URI
Your Okta group role mapping (e.g. “ellie-write” → write)
API token can be left empty, as it is not needed with the manual integration
If you have any questions or need help, reach out to support@ellie.ai.
Group role mapping
Ellie.ai has 4 different roles:
Read: the user can read all the models and entities
Contributor: the user can read all the models and entities in the organization folder and its subfolders, can copy assets to their personal folder, and can make changes and create new assets in the personal folder. The user can then share their assets with an Admin or Write user for review.
Write (includes all the read privileges): the user can create and edit models, entities and collections
Admin (includes all the write privileges): the user can create and edit all models, entities and collections, and can restrict a collection to a list of editors. Admins can also change some organization settings, import and export the glossary, and manage API tokens.
You can assign an Okta group to an ellie.ai role.
If a user is a member of groups with different roles, then they will be assigned the highest role.
If a user is not a member of any groups with a role then they will not be permitted to use ellie.ai. It is very important that every user that has access to the app is a member of a group with a role.
You do not need to create the ellie.ai roles. The roles are not configurable and limited to read, contributor, write and admin.
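A pre-rollout check for the group claim filter and the role mapping described above, as an added example that is not Ellie's or Okta's own code. The group names, users and the function names are hypothetical, the ranking of Contributor between Read and Write is an assumption, and the regex filter is assumed to match the whole group name.

```python
import re

# Lowest to highest. The page lists the roles in this order; ranking
# Contributor between Read and Write is an assumption of this example.
ROLE_RANK = {"read": 0, "contributor": 1, "write": 2, "admin": 3}

# Okta group-claim filter types; regex is assumed to match the whole name.
FILTERS = {
    "starts_with": lambda v, g: g.startswith(v),
    "equals": lambda v, g: g == v,
    "contains": lambda v, g: v in g,
    "regex": lambda v, g: re.fullmatch(v, g) is not None,
}

def groups_in_claim(user_groups, filter_type, filter_value):
    """Groups that survive the claim filter and reach the ID token."""
    keep = FILTERS[filter_type]
    return [g for g in user_groups if keep(filter_value, g)]

def effective_role(claim_groups, mapping):
    """Highest mapped role, or None when no group carries a role (access denied)."""
    roles = [mapping[g] for g in claim_groups if g in mapping]
    return max(roles, key=ROLE_RANK.__getitem__, default=None)

def audit(users, mapping, filter_type, filter_value):
    """Return (role per user, mapped groups the filter would strip)."""
    blocked = [g for g in mapping
               if not FILTERS[filter_type](filter_value, g)]
    roles = {u: effective_role(groups_in_claim(gs, filter_type, filter_value), mapping)
             for u, gs in users.items()}
    return roles, blocked

# Constructed sample data: group names and users are hypothetical.
MAPPING = {"ellie-read": "read", "ellie-write": "write", "data-admins": "admin"}
USERS = {
    "alice": ["Everyone", "ellie-read", "ellie-write"],  # two roles -> highest
    "bob": ["Everyone"],                                  # no mapped group
    "carol": ["data-admins"],                             # mapped, but filtered out
}

if __name__ == "__main__":
    roles, blocked = audit(USERS, MAPPING, "starts_with", "ellie-")
    for user, role in roles.items():
        print(f"{user}: {role or 'DENIED (no role-mapped group in claim)'}")
    for group in blocked:
        print(f"filter drops mapped group: {group}")
```

Any user reported as denied is either assigned to the app without a role-mapped group or belongs to a mapped group that the claim filter strips from the token.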