Authentication & User Management
-
- Set up and populate your SaaS stack
- Integrate your ERP & accounting software with Sastrify
- Uncover SaaS Usage and Shadow IT with SSO Discovery Integrations
- Admin Installation Guide: Sastrify Browser Extension for Google Chrome
- Admin Installation Guide: Sastrify Browser Extension for Microsoft Edge
- Manual Installation Guide: Sastrify Browser Extension for Google Chrome
- Manual Installation Guide: Sastrify Browser Extension for Microsoft Edge
- Set renewal dates & reminders
- Assign and modify tool owners
- Upload your SaaS documents into Sastrify
- Sastrify App Support: Assistance at your fingertip
- Sastrify's commitment to security and privacy standards
- Getting started guide: Fast and easy way to self-onboard your Sastrify platform
-
- Google Workspace SSO integration for subscription discovery
- Enhance organizational SaaS management with HRIS Integrations
- Summary tab & Contract AI for storing your subscription details
- Use discovered page to detect new subscriptions
- Tools and Spend Importer: Easily upload and visualize data in Sastrify
- Align vendor names using the Tool Matching feature
- Add Sastrify App to your Slack workspace
- Manually add a new subscription on the go
- How to bulk upload your invoices
- Forward your SaaS documents via email
- Change notification preferences
- A quick glance at your stack using the overview page
- Manage activities and collaborate using custom tasks
- Task Automation: Streamline the creation of routine tasks
- Sunset or delete inactive subscriptions
-
- Workflows: Automate procurement processes with consistency
- Requests: Streamline procurement process and internal approval
- Get expert procurement support for new purchases and renewals
- How to submit and track Procurement Requests via Jira Integration
- Scope of service: Custom benchmarking & contract review
- Scope of service: Negotiation & renewal support
- Scope of service: Custom SaaS Optimization Advisory
- Vendor Insights: Tool-specific information at your fingertips
- Purchase your SaaS through the SastriMarket
- Control your cloud costs with SastriCloud
-
- Usage Analytics: Full visibility into usage and cost optimization
- Okta Discovery and Usage Analytics Integration Guide
- How to integrate Pleo with Sastrify
- Spend Import: Validate and fine-tune your imported spend data
- How to connect Microsoft Dynamics 365
- How to connect NetSuite
- How to connect Quickbooks
- Export spend data from Candis to Sastrify
- Export spend data from Spendesk to Sastrify
- Export spend data from Pleo to Sastrify
- Export spend data from Moss to Sastrify
- Export spend data from DATEV to Sastrify
- Export spend data from Ramp to Sastrify
-
- Configure and manage your authentication settings
- Understanding user roles and permissions
- Configuring Microsoft SSO Authentication for Sastrify
- Configuring Okta SSO Authentication for Sastrify
- Configuring JumpCloud SSO Authentication for Sastrify
- Configuring Cisco Duo SSO Authentication for Sastrify
- Configuring OneLogin SSO Authentication for Sastrify
- Configuring Cloudflare SSO Authentication for Sastrify
- Having trouble logging in?
-
- ERP & Accounting Integration FAQs
- SSO / IDP Discovery Integration FAQs
- Browser Extension FAQs
- HRIS Integration FAQs
- Usage Analytics FAQs
- Contract AI & Subscription Details FAQs
- Tools and Spend Importer FAQs
- Invoices FAQs
- Achieved & Potential Savings FAQs
- Form component guide for Sastrify form builder
- What is SaaS and Sastrify's scope of work?
- Who can invite a new user?
- Who receives the renewal alerts or reminders?
- How does Sastrify work with currencies?
- Is the spend data from accounting export always up-to-date?
- How to work with benchmark prices
- When and how to involve Sastrify in a contract evaluation or negotiation?
- How does Sastrify interact with SaaS vendors?
- How do you handle confidentiality clauses in vendor contracts?
- Does Sastrify handle SaaS contract termination?
- Why is contract data essential for benchmarking and negotiation support?
Configuring Okta SSO Authentication for Sastrify Print
Modified on: Wed, 19 Nov, 2025 at 3:46 AM
This guide walks you through setting up Okta single sign-on (SSO) for logging into Sastrify.
To set up Okta SSO as your login method in Sastrify, follow these steps:
- Select "Login with Okta" in your Sastrify platform.
- Add Sastrify from Okta App Catalog, and generate the SSO credentials.
- Send credentials to Sastrify.
- Enable Universal Logout.
- (Optional but recommended) Create a bookmark in Okta to enable IdP-initiated login
Each step is outlined below.
IN THIS ARTICLE
- Step 1: Select the login method in Sastrify
- Step 2: Add Sastrify from Okta App Catalog
- Step 3: Retrieve SSO Credentials
- Step 4: Send the credentials to Sastrify
- Step 5: Complete Universal Logout setup
- Step 6: Create a bookmark in Okta (Optional but recommended)
- Frequently Asked Questions
Step 1: Select the login method in Sastrify
- Go to: Settings > User & Company Data > Authentication Settings
- Click "Edit".
- Select "Login with Okta".
- Click "Enable SSO".
After you click Enable SSO, you’ll see a confirmation message. This also triggers an email from Sastrify with instructions to provide your Okta credentials, which you’ll need to complete Step 3.
Step 2: Add Sastrify from Okta App Catalog
- Log in to your Okta Admin Console.
- Navigate to Applications > Browse App Catalog.
- Search for Sastrify and add the application.
- Assign the users or groups that should be able to log into Sastrify.
Step 3: Retrieve SSO Credentials
After you have successfully created the app integration in your organization and assigned users or groups, search for it on the Applications page.
- Click App Integration to open the settings page.
- On the Authentication tab, the sign-on methods' OpenID Connect section.
- Copy the client ID and client secret.
- Find your issuer URL by clicking your username in the top-right corner of the Okta Admin Console. The domain listed just below your name is your Issuer URL
- By now you should have all the required credentials: Client ID, Client Secret and Issuer URL.
Step 4: Send the credentials to Sastrify
Reply to the email from Step 1 and include the following:
Client ID
Client Secret
Issuer URL
Once received, the Sastrify Support Team will enable your Okta SSO integration within 2 business days.
Once the setup is complete, Sastrify will notify you via email and provide you with a connection name for the universal logout setup (Step 5).
Step 5: Complete Universal Logout setup
- Go to the Sastrify App in Okta > General tab.
- Scroll down to App Settings.
- Find the field "Connection Name".
- Enter the connection name provided by the Sastrify Support Team.
- Activate universal logout on the Authentication tab by checking the following option.
- Save the configuration.
When Universal Logout is enabled, Okta can terminate user sessions across all applications when:
- An administrator initiates a logout from the Okta Admin Console.
- The Okta system detects risk and terminates sessions for security.
This ensures that when a user is logged out of Okta, they are also logged out of Sastrify.
Step 6: Create a bookmark in Okta (Optional but recommended)
If you'd like to log into Sastrify directly from your Okta dashboard, you can create a Bookmark App. This acts as a workaround for the lack of native IdP-initiated support. You can complete this step before SSO is fully activated.
- In the Okta Admin Console, go to: Applications > Browse App Catalog.
- Search for Bookmark App.
- Click the app, then click Add Integration.
- In the General Settings, enter a label for the external application (e.g., Sastrify) and the URL of the sign-in page for the app. Contact Sastrify Support to receive your custom login URL.
- Click Done to create the Bookmark App.
- Assign and choose the users or groups who should have access to Sastrify, as they need to be assigned to this bookmark.
Frequently Asked Questions
Q: How will I know when Okta SSO is enabled for my account?
A: Once SSO is activated, you and your team will receive an email from Sastrify confirming the change. The email will include a button or link labeled "Continue to log in". You’ll be redirected to the Sastrify login page. There, enter your email address, and you'll be redirected to Okta for authentication.
Q: Can I log in directly from my Okta dashboard?
A: Yes—if you've created a Bookmark App for Sastrify (see Step 4), you can log in directly from your Okta dashboard without going through the Sastrify login page.
Q: What data does this integration access from Okta?
A: The authentication process retrieves user profile attributes (name, email, user ID, etc.) as well as ID token, access token, and refresh token
Q: How are these tokens stored?
A: TTokens are securely cached in our identity management infrastructure. Logs of authentication events (timestamps, IPs, metadata) are also maintained for auditing and security purposes.
Q: How often is the API called?
A: Every 168 hours (7 days)
Q: Do you support SAML for Okta?
A: No, SAML is not supported for Okta.
Q: Do you support IdP-initiated flow for Okta?
A: No, native IdP-initiated flow is not supported. However, you can achieve a similar experience using the Bookmark App described in Step 4.
Did you find it helpful? Yes No
Send feedback