# How to set up Batch’s Single-Sign-On using Okta as an IdP?

{% hint style="warning" %}
**Batch is compatible with all IdPs that support the SAML standard.**

The article outlines the steps for setting up Single Sign-On using Okta as the IdP. **For any other IdP, the article can be used, but will need to be adapted based on your IdP's specific requirements.**
{% endhint %}

Here are the few steps you need to follow to set up Single-Sign-On on Batch’s dashboard.

## 1. Creating an app integration <a href="#h_458ff50fe6" id="h_458ff50fe6"></a>

First, you need to create a new app integration on your Okta dashboard making sure to select “**SAML 2.0**” as the sign-in method.

<div align="center" data-full-width="true"><figure><img src="/files/TYK2DfNyECjSFEUrM5VP" alt="" width="563"><figcaption><p>Okat app creation</p></figcaption></figure></div>

By clicking on the “**Next**” button, you can configure the SAML Integration as follows:

### General settings <a href="#h_b949606ade" id="h_b949606ade"></a>

Add an **App name** (E.g. Batch.com) and a **logo** (optional).

<div align="center"><figure><img src="/files/yq5izQl9m459bYGiN1Yz" alt=""><figcaption></figcaption></figure></div>

The Batch logo is available here 👇

<div align="center"><figure><img src="/files/wouR2LhSf6lz9XaHcpxp" alt="" width="188"><figcaption></figcaption></figure></div>

### Configure SAML <a href="#h_0bbbaab6d8" id="h_0bbbaab6d8"></a>

In this form, the 6 highlighted fields must be filled in with the following information 👇

<figure><img src="/files/7wkNVFZmhyPHFnaiFLLp" alt=""><figcaption></figcaption></figure>

1. Single sign-on URL → `https://dashboard.batch.com/sso/saml/acs`
2. Audience URL → `https://dashboard.batch.com/sso/saml/metadata.xml`
3. Name ID format → `EmailAddress`
4. Application username → `Email`
5. Attribute Statement Name → `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress`&#x20;
6. Attribute Statement Value → `user.email`

## 2. Setup completion on Batch’s end <a href="#h_174a90d3b0" id="h_174a90d3b0"></a>

Once you complete creating your app integration on Okta’s dashboard, you should be redirected to the App’s ***Sign On Settings*** page. Here is the information you will need to share with Batch teams to complete your setup:

1. Sign on URL
2. Issuer
3. Signing Certificate

{% hint style="danger" %}
&#x20;This information is highly sensitive and should be shared **in a secure manner** with restricted access.
{% endhint %}

<figure><img src="/files/j6xo761uAhxKiO5bDt9j" alt=""><figcaption></figcaption></figure>

## 3. User assignment <a href="#h_6f0cea2d1a" id="h_6f0cea2d1a"></a>

The final step on your end will be to assign users to whom you want to grant access to Batch’s dashboard. That can be managed on the “**Assignments**” tab of the previously created app integration in Okta’s dashboard.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://doc.batch.com/developer/technical-guides/how-to-guides/admin-setup-and-configuration/how-to-set-up-batchs-single-sign-on-using-okta-as-an-idp.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.