Skip to main content

SSO with Okta

  • Updated

Single Sign-On (SSO) allows users to access deskbird seamlessly using their existing Okta credentials. This guide walks through setting up a SAML 2.0 integration between Okta and deskbird, including an optional Bookmark app for your Okta dashboard.

  1. Understand the setup
  2. Create the SAML app in Okta
  3. Configure SAML settings
  4. Add attribute statements
  5. Collect SAML metadata
  6. Optional: Add a Bookmark app to the Okta dashboard
  7. FAQs

1. Understand the setup

Integrating deskbird with Okta requires two separate app registrations, depending on your needs:

App type Purpose Visible to users?
SAML 2.0 app Handles the actual federation / SSO connection between Okta and deskbird. No — keep this app hidden from the Okta dashboard.
Bookmark app (optional) Provides a clickable tile on the Okta dashboard that launches the SP-initiated login flow. Yes — this is what users see and click.

⚠️ Important: The SAML 2.0 app and the Bookmark app are not the same. The SAML app powers the connection; the Bookmark app simply provides a convenient launch tile. If you only need IdP-initiated login or users will access deskbird directly via app.deskbird.com, the Bookmark app is not required.

2. Create the SAML app in Okta

  1. Open Okta and go to Applications Applications.
  2. Click Create App Integration.
  3. Select SAML 2.0 and click Next.

Okta — Create App Integration dialog with SAML 2.0 selected.

  1. Enter a name for the app (e.g. deskbird SSO) and optionally upload a logo.
  2. Click Next to proceed to the SAML configuration.

💡 Tip: Since this app handles the federation only, consider hiding it from the Okta dashboard. You can do this under the app's General App visibility settings after creation.

3. Configure SAML settings

On the Configure SAML screen, enter the following values:

Field Value
Single sign-on URL https://app.deskbird.com/__/auth/handler
Audience URI (SP Entity ID) https://api.deskbird.app/saml/metadata

Okta — SAML settings showing Single sign-on URL and Audience URI fields.

4. Add attribute statements

Still on the Configure SAML screen, scroll down to Attribute Statements and add the following three mappings:

Name Value
first_name user.firstName
last_name user.lastName
email user.email

Okta — Attribute Statements with first_name, last_name, and email mapped.

Click Next, then Finish to create the application.

5. Collect SAML metadata

After creating the app, navigate to the Sign On tab of the newly created application.

Okta — Sign On tab of the deskbird SAML application.

  1. Click View SAML setup instructions (bottom right).
  2. Copy the following three values and send them to the deskbird support team via support@deskbird.com:
    • Identity Provider Single Sign-On URL
    • Identity Provider Issuer
    • X.509 Certificate

Okta — SAML setup instructions showing the three required values.

Alternatively, scroll to the bottom of the setup instructions page and send the full XML metadata instead.

Okta — XML metadata at the bottom of the SAML setup instructions.

Once the deskbird support team has received the metadata, they will configure the connection on the deskbird side and confirm when SSO is ready to use.

6. Optional: Add a Bookmark app to the Okta dashboard

If you want users to see a deskbird tile on their Okta dashboard that they can click to log in, create a separate Bookmark app.

  1. In Okta, go to Applications Applications and click Browse App Catalog.
  2. Search for Bookmark App and select it.
  3. Set the URL to the SP-initiated login flow:
    https://app.deskbird.com/saml?providerName={saml-provider-ID}

The SAML provider ID follows the pattern saml.{company-name}. For example, if your company is called "Polaroid", the URL would be:
https://app.deskbird.com/saml?providerName=saml.polaroid

⚠️ Important: The Bookmark app is only a shortcut. It does not replace the SAML 2.0 app created in the previous steps. Both apps must exist — the SAML app (hidden) for the federation, and the Bookmark app (visible) for the dashboard tile.

7. FAQs

Okta's Bookmark app type cannot handle SAML federation — it only redirects to a URL. The SAML 2.0 app handles the actual authentication exchange with deskbird. The Bookmark app simply gives users a clickable tile on the Okta dashboard that triggers the SP-initiated login flow. Without the SAML app, the Bookmark link would have nothing to authenticate against.

Yes. The Bookmark app is optional. If your users access deskbird directly via app.deskbird.com or through a different portal, you only need the SAML 2.0 app. The Bookmark app is purely a convenience for showing a deskbird tile on the Okta dashboard.

The SAML provider ID is provided by the deskbird support team after they configure SSO on the deskbird side. It follows the format saml.{company-name} (e.g. saml.polaroid). If you are unsure of your provider ID, reach out to your deskbird contact.

Send the SAML metadata (either the three individual values or the full XML file) to support@deskbird.com. The deskbird team will configure the connection and confirm once SSO is ready to use.

Need more help? Contact us here.

Return to top

Related articles