Skip to main content
All CollectionsEmployer experience
How to set up Admin SSO via Okta
How to set up Admin SSO via Okta
Cocoon Support avatar
Written by Cocoon Support
Updated over 2 months ago

To setup SSO through Okta please follow these steps to create a new application

  • Log in to Okta as an administrator and select “Applications” in the navigation bar.

  • Create a new application by selecting the "Create App Integration" button.

  • Choose "OIDC - OpenID Connect" application:

On the next page, fill out the fields including:

  • For Logo, you can use:

  • Sign-in redirect URIs: You should've received a callback URL by Cocoon with the format of https://app.cocoon.com/auth/oidc/callback?org={ORG_NAME}

  • Sign-out redirect URIs: https://app.cocoon.com/logout

  • Assignments: select a group of users who should have access to administer your company's Cocoon instance. Note that currently, Cocoon doesn't provision new employer admin accounts and requires an email to be invited and verified before they can login using SSO. However, we'll start provisioning users based on custom claims in the future. Therefore, make sure that only the actual Cocoon employer admins are assigned to Cocoon.

Information that needs to be shared back with Cocoon

After the new application has been set up, you need to share the client credentials and Issuer URL with Cocoon (for sharing "Client Secret", please use (https://secure.cocoon.com/u/[email protected]):

  • To setup the SSO, Cocoon needs "Client ID" and "Client Secret" under the General tab

  • Additionally you can find "Issuer URL" under "Sign On" tab.

[Optional] Enable Okta-initiated logins (i.e., so that Cocoon app will be added to the user's Okta login portal),

[Optional] Create an Okta bookmark for employees (who will not be using SSO)


Any questions? Please reach out to the Support team at:

Did this answer your question?