# Okta

* [Enable Okta](#enable-okta)
* [Login via Okta](#login-via-okta)
* [Add Users to e6data via Okta](#add-users-to-e6data-via-okta)
* [Remove Users from e6data via Okta](#remove-users-from-e6data-via-okta)
* [Disable Okta](#disable-okta)

## Enable Okta

1. Navigate to **Access Control > SSO** from the left side menu.
2. Click on **Add Identity Provider**
3. Provide a name for your Identity Provider
4. Select **Okta**&#x20;
5. Click **Next**&#x20;
6. Follow these steps to [create a new SAML app integration](https://help.okta.com/en-us/Content/Topics/Apps/Apps_App_Integration_Wizard_SAML.htm) in Okta.
   1. In Okta, when prompted for a **Single sign-on URL**, copy & paste the **Single sign-on URL** shown on the e6data SSO page.
   2. In Okta, when asked for an **Audience URI (SP Entity ID)**, copy & paste the **Audience URI (SP Entity ID)** shown on the e6data SSO page.
   3. In the **Attribute Statements (optional)** section create the attributes in Okta identical to those shown on the e6data SSO page. [More information on defining attribute statements can be found here.](https://help.okta.com/en-us/Content/Topics/Apps/define-attribute-statements.htm)

{% embed url="<https://www.loom.com/share/0f418073449f456b8dff951b92088792>" %}
How to enable & configure Okta
{% endembed %}

## Login via Okta

Users can log in by:&#x20;

* Clicking the **Single Sign-On (SSO)** button in the e6data platform.
* Using the [Okta end-user dashboard](https://help.okta.com/en-us/Content/Topics/Settings/new-end-user-dashboard.htm).

SuperAdmin will be able to log in using both SSO and username/password authentication.

## Add Users to e6data via Okta

Please follow [this guide from Okta to assign users](https://help.okta.com/en-us/Content/Topics/users-groups-profiles/usgp-assign-apps.htm) to the application created during SSO setup.

Once a user is added to the e6data application they will be able to [log in via the Okta](#login-via-okta) end-user dashboard.

By default, new users are assigned the Viewer role (least privilege). The user's role [should be changed](/product-documentation/access-control/users.md) by the SuperAdmin or AccessAdmin after the first login.

## Remove Users from e6data via Okta

Please follow [this guide from Okta to remove user access](https://help.okta.com/en-us/Content/Topics/users-groups-profiles/usgp-unassign-apps.htm) to the application created during SSO setup.

## Disable Okta

1. Navigate to **Access Control > SSO** from the left side menu.
2. Toggle **Integrate SSO** to the disabled position.

*<mark style="color:blue;">**Important: When SSO is disabled, each user added using SSO will need to reset their password.**</mark>*

{% embed url="<https://www.loom.com/share/0f418073449f456b8dff951b92088792>" %}
Okta
{% endembed %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.e6data.com/product-documentation/access-control/single-sign-on-sso/okta.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.