# How to set up Batch’s Single-Sign-On using Okta as an IdP?

{% hint style="warning" %}
**Batch is compatible with all IdPs that support the SAML standard.**

The article outlines the steps for setting up Single Sign-On using Okta as the IdP. **For any other IdP, the article can be used, but will need to be adapted based on your IdP's specific requirements.**
{% endhint %}

Here are the few steps you need to follow to set up Single-Sign-On on Batch’s dashboard.

## 1. Creating an app integration <a href="#h_458ff50fe6" id="h_458ff50fe6"></a>

First, you need to create a new app integration on your Okta dashboard making sure to select “**SAML 2.0**” as the sign-in method.

<div align="center" data-full-width="true"><figure><img src="https://38998153-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FCL8wF0y1T2vLnm3yR2MW%2Fuploads%2FL08paxtEQYVm3eeRhdvd%2FtechnicalGuides_OktaSSO_200525.png?alt=media&#x26;token=1804d3ab-f37e-40cc-89a4-37c1a9d281c1" alt="" width="563"><figcaption><p>Okat app creation</p></figcaption></figure></div>

By clicking on the “**Next**” button, you can configure the SAML Integration as follows:

### General settings <a href="#h_b949606ade" id="h_b949606ade"></a>

Add an **App name** (E.g. Batch.com) and a **logo** (optional).

<div align="center"><figure><img src="https://38998153-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FCL8wF0y1T2vLnm3yR2MW%2Fuploads%2F0bVxBCw5CLQe8h1sphSU%2FtechnicalGuides_OktaSAML_200525.png?alt=media&#x26;token=16d3dc48-626d-46f7-baf4-2033d13f36f2" alt=""><figcaption></figcaption></figure></div>

The Batch logo is available here 👇

<div align="center"><figure><img src="https://38998153-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FCL8wF0y1T2vLnm3yR2MW%2Fuploads%2FkMUzSwbQmgJRpGnslXAt%2FtechnicalGuides_200525.png?alt=media&#x26;token=f165e8a5-0ed7-41c5-884f-9dd545e162e9" alt="" width="188"><figcaption></figcaption></figure></div>

### Configure SAML <a href="#h_0bbbaab6d8" id="h_0bbbaab6d8"></a>

In this form, the 6 highlighted fields must be filled in with the following information 👇

<figure><img src="https://38998153-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FCL8wF0y1T2vLnm3yR2MW%2Fuploads%2FwZSjH8Llevr3uUq8cfEy%2FtechnicalGuides_OktaSAMLInte_200525.png?alt=media&#x26;token=e1fce45d-925f-4f12-bc9e-803183c2189c" alt=""><figcaption></figcaption></figure>

1. Single sign-on URL → `https://dashboard.batch.com/sso/saml/acs`
2. Audience URL → `https://dashboard.batch.com/sso/saml/metadata.xml`
3. Name ID format → `EmailAddress`
4. Application username → `Email`
5. Attribute Statement Name → `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress`&#x20;
6. Attribute Statement Value → `user.email`

## 2. Setup completion on Batch’s end <a href="#h_174a90d3b0" id="h_174a90d3b0"></a>

Once you complete creating your app integration on Okta’s dashboard, you should be redirected to the App’s ***Sign On Settings*** page. Here is the information you will need to share with Batch teams to complete your setup:

1. Sign on URL
2. Issuer
3. Signing Certificate

{% hint style="danger" %}
&#x20;This information is highly sensitive and should be shared **in a secure manner** with restricted access.
{% endhint %}

<figure><img src="https://38998153-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FCL8wF0y1T2vLnm3yR2MW%2Fuploads%2FpWj4mvZasy3rw78WmE3s%2FtechnicalGuides_oktaSSOsetup_200525.png?alt=media&#x26;token=3e05280f-f31c-490e-8316-32124c7d7374" alt=""><figcaption></figcaption></figure>

## 3. User assignment <a href="#h_6f0cea2d1a" id="h_6f0cea2d1a"></a>

The final step on your end will be to assign users to whom you want to grant access to Batch’s dashboard. That can be managed on the “**Assignments**” tab of the previously created app integration in Okta’s dashboard.