Skip to main content
Documentation
Troubleshooting
Feature Requests Status

Single Sign-On Using Okta

Edit on GitHub
  • Updated
Fivetran System User Fivetranner

Follow our guide to set up single sign-on (SSO) into Fivetran using the Fivetran Okta gallery application.

Prerequisiteslink

To set up Okta SSO with Fivetran, you need an Okta SuperAdmin or AppAdmin account and a Fivetran account with the Account Administrator Account role.

In Oktalink

Add and configure the Fivetran applicationlink

  1. Log in to your Okta Admin Console and go to Applications - Applications.

  2. Click Browse App Catalog.

    Browse App Catalog

  3. Enter Fivetran in the search box.

  4. Select the Fivetran application.

  5. Click Add.

  6. In the General Settings tab of the Add Fivetran page, leave the pre-configured settings unchanged and click Next.

    Next

  7. In the Sign-On Options tab on the Add Fivetran page, leave the pre-configured settings unchanged and click Done.

    Done

  8. In the Assignments tab on the Fivetran app page, assign the Fivetran app to the users with a Fivetran account.

    NOTE: Fivetran supports Just-In-Time (JIT) user provisioning. If you assign users without a Fivetran account, Fivetran will create new accounts for them with the read-only access. You will need to grant the newly created users the relevant role with the corresponding permissions.

    Assign Users

Get Sign on URL, Issuer and Public certificatelink

To complete setup in Fivetran, you need the Sign on URL, Issuer and Public certificate. Follow these steps to get them:

  1. In the Sign On tab on the Fivetran app page, click View Setup Instructions.

    Get Certificates

  2. Make a note of the Sign on URL, Issuer, and Public certificate values. You will need them to configure Fivetran.

    NOTE: Your public certificate should not include leading and trailing labels such as -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----. Copy only the value between these labels.

    TIP: When configuring Single Sign-On with Okta in Fivetran, log in to your Okta account and go the Fivetran app page to be able to copy-paste the values.

In Fivetranlink

NOTE: By default, Fivetran allows Just-In-Time (JIT) user provisioning. If you don’t have a Fivetran user for the specified OneLogin user, the Fivetran user will be created automatically with the read-only access. To grant the newly created user the relevant role with the corresponding permissions, log in as a Fivetran user with the Users: Manage permission and manage the user’s roles and permissions on the Users tab of the Account Management page.

  1. Go to the account management page in your Fivetran dashboard.

  2. Go to the Settings tab.

  3. Toggle the Enable SAML authentication selector to ON.

  4. Fill the Sign on URL, Issuer and Public certificate fields with the values you noted in Step 2: Get Sign on URL, Issuer and Public certificate.

    In Fivetran

  5. Click Save Config at the bottom of the settings page. You’ll see Account settings successfully saved.

Testing SSO (Optional)link

IMPORTANT: If you assigned the Fivetran app to a user who doesn’t have a corresponding Fivetran user, you need to grant them write access after they have been automatically provisioned in your Fivetran account.

To test SSO, follow these steps:

  1. In Okta, log in to the Okta End-User Dashboard as the user you have granted access to.
  2. Click Fivetran. You will be redirected to your Fivetran dashboard.
Was this article helpful?
1 out of 1 found this helpful
Return to top

Related articles

Didn’t find what you need?

Contact support