Okta

Overview

Okta enables you to provide Single Sign-On (SSO) access to cloud, on-premise, and mobile applications. You sign into Okta and you can then launch any of your web apps without having to reenter your credentials. You can integrate Okta with Branch in order for your teams to access the Branch Dashboard through an application integration set up in your Okta environment.

Integration Guide

Prerequisites

1. In Okta, navigate to Application

2. Click Browse App Catalogue

3. Search for "Branch" and click "Branch SAML"

4. Add the Application

5. Enter Label and Subdomain

6. Navigate to Sign On tab

7. Click "Identity provider metadata"

Retrieve the following:

  • x509 Certificate

  • Entity ID

  • SAML endpoint

Example:

8. Enable SSO within the Branch Dashboard

Contact Support with the following information to enable SSO for your Branch Dashboard:

  • App ID (located in Account Settings of the Branch Dashboard)

  • Email Domain

  • Dashboard Subdomain (same one on Step 5)

  • Okta Admin email addresses

9. Enter Identity Provider Metadata

In the Branch Dashboard, navigate to the SSO tab in Account Settings and enter the information gathered from Step 7 into the corresponding fields and click the Save button.

10. Add users

Add users in the Branch Dashboard

Add users in Okta

11. Log into Branch using SSO

Use the following format when logging into the Branch Dashboard:
https://{YOUR_SUBDOMAIN}.dashboard.branch.io

Advanced

Custom Attribute Mapping

By default, the out-of-the-box Branch SAML application in Okta will map email address to be the same as username. If your setup uses a different mapping for those attributes, then you will have to create a custom SAML application in Okta. Most of the steps above are still required for the integration, but you will need to manually set the attribute mappings for your company's Okta username.