search
Log InContact Support

Okta SAML Integration

Learn how to set up SAML with Okta for your Government Solutions organization

Verkada Command can integrate with Okta using Security Assertion Markup Language (SAML).

SAML manages the authentication process, allowing Okta to control access to Command in the same way it manages other Software as a Service (SaaS) applications in your Okta tenant. This integration lets you incorporate Command into your existing identity framework and enforce your current access policies.

triangle-exclamation

Government Solutions organizations must create a custom SAML application in Okta. There is no pre-built Verkada Okta app available for Government Solutions tenants.

hashtag
Before you begin

For a successful integration, make sure you have the following:

  • Admin access to your Okta tenant

  • Generate a client-ID

hashtag
Create a custom SAML application

1

Log in to the Okta Admin Console.

2

Go to Applications → Applications → Create App Integration.

3

Select SAML 2.0 and click Next.

4

Enter an app name (for example, Verkada Command – Government Solutions).

5

Click Next.

6

Configure the following fields:

Single sign-on URL

https://saml.prod-govus-pine.verkadagov.com/saml/sso/<client-ID>

Audience URI (SP Entity ID)

https://saml.prod-govus-pine.verkadagov.com/saml/sso/<client-ID>
circle-exclamation

Replace <client-ID> with the client ID from the SSO setup page in Command.

Additional Settings

  • Default RelayState: Leave blank

  • Name ID format: EmailAddress

  • Application username: Email

7

Click Next, then Finish.

hashtag
Attribute mappings

1

In the Okta app, go to Sign On > Attribute statements > Show legacy configuration > Edit.

2

Set up attributes mapping as follows:

  • email → URI Reference → user.email

  • firstName → URI Reference → user.firstName

  • lastName → URI Reference → user.lastName

hashtag
Download Okta metadata

1

In the Okta app, go to Sign On → SAML Signing Certificates.

2

Generate a certificate if one does not exist.

3

Click Actions → View IdP metadata.

4

Right-click on the page and select Save As to save the data as an XML file (for example, okta-metadata.xml).

5

Continue to Verkada Command to complete the configuration.

hashtag
Assign users in Okta

1

In Okta, open the Verkada Command app.

2

Go to the Assignments tab.

3

Assign users or groups who should have access to Command.

hashtag
Troubleshooting

  • Username changes do not automatically sync with Command. If you update a user’s email, unassign the user from the SAML app and then re-add them for the change to take effect.

  • New users cannot sign in via SSO. This may occur if the user’s email domain is not included in the SSO configuration. If the domain was not added when SSO was set up, update the configuration to include the missing domain.

  • Ensure you are using the Government Solutions endpoint:

    • https://saml.prod-govus-pine.verkadagov.com/saml/sso/<client-ID>

    • Using commercial Verkada endpoints will not work for a Government Solutions Configuration.

  • If you experience any other problems with setting up SSO, contact Verkada Support.

Last updated

Was this helpful?