Skip to main content
All CollectionsAccount, billing and user settingsUsers, logins and securityManaging users via Single Sign On (SAML)
Configuring Okta SAML Single sign-on
Configuring Okta SAML Single sign-on

Guide to configuring Okta SAML Single Sign-on on your HandsHQ account

Michelle Kimbler avatar
Written by Michelle Kimbler
Updated over a year ago

This guide is for users looking to configure their Okta identity provider with HandsHQ to enable SAML Single sign-on.

This is a brief overview of how to configure the setup. Please refer to the Okta Help Centre for more information on how to use this service.

HandsHQ and Single sign-on: full overview

Add the HandsHQ app to Okta

To connect HandsHQ and Okta, you will first need to add the HandsHQ app to your Okta account.

  • Log in to your Okta account and head to the Applications page.

  • Select Create App Integration from the options.

  • Choose SAML 2.0 ⇒ Next

  • Add and app name HandsHQ ⇒ Next

Set up SAML SSO

Enable SSO in HandsHQ

Next, you'll need to set up SAML SSO in Settings ⇒ Single Sign-on.

  • Open HandsHQ

  • Select Settings at the top of the screen.

  • In the Single Sign-on section, click Enable SAML SSO.

Set up HandsHQ in Okta

  • Still in HandsHQ, scroll down and change "Identity provider" to Okta

  • Copy Service provider single sign-on URL

  • Return to Okta and paste it into the Single sign-on URL field

  • Go back to HandsHQ and copy Service provider metadata URL

  • Return to Okta and paste it into the Audience URI (SP Entity ID) field

  • Leave the default settings for the rest of the fields

Overview of information to copy from HandsHQ into Okta:

Field to copy from HandsHQ

Paste into equivalent Okta field

Service provider single sign-on URL

Single sign-on URL

Service provider metadata URL

Audience URI (SP Entity ID)

Leave the default settings for the rest of the fields as per the screenshot below.

Enable just-in-time provisioning

To enable Just-in-time provisioning in Okta:

  • Go to Attribute statements

  • Add the following attributes (see image)

  • Click Next and then Finish

Set up Okta in HandsHQ

  • In Okta, go to the Sign On tab, scroll down and click on View SAML setup instructions

  • Copy Identity Provider single sign-on URL

  • Go back to HandsHQ and paste it into Identity provider single sign-on URL field

  • Return to Okta and copy the Certificate (don’t copy Begin certificate and End certificate text)

  • Go back to HandsHQ and paste it into the Identity provider certificate field ⇒ Save changes

Set up users in Okta

  • Now return to Okta, go to Directory => People and assign users to the HandsHQ app

Field to copy from Okta

Paste into equivalent field in HandsHQ

Identity Provider single sign-on URL

Identity provider single sign-on URL

Certificate (don’t copy Begin certificate and End certificate text)

Identity provider certificate

You’re all set, users can now log into HandsHQ using Single Sign-on.

💡 Please note, you will need to also give users permission to access divisions in HandsHQ. You can do so either through HandsHQ Setting ⇒ Users or via email you’ll receive.

Okta Help Centre has for more information on how to use this service.

HandsHQ and Single sign-on: full overview

Related Articles
Guide to Single sign-on (SAML SSO)
Configuring Azure Active Directory SAML Single sign-on
Single sign-on (SSO) released (Jan 2023)
Integrate users via SAML SSO
Create a project in HandsHQ from Salesforce via Zapier
Did this answer your question?