SSO, security & API 8 minUpdated Apr 8, 2026

Configuring SAML SSO with Okta

Set up Okta SAML SSO + SCIM provisioning in under 15 minutes.

Prerequisites

Okta admin access, Dataroom Owner role, your workspace ID (Settings → General).

In Dataroom, open Settings → Authentication → SSO and pick Okta SAML.
Dataroom shows your SP Entity ID, ACS URL, and Audience. Copy these.
In Okta, create a new SAML 2.0 app. Paste the values from step 2.
Set Name ID format to EmailAddress. Add attribute mappings: email, firstName, lastName.
Download the Okta IdP metadata XML and upload it back to Dataroom.
Assign your Okta users to the new app. Test SSO with a user, then enable enforcement.

In Dataroom, open Settings → Authentication → SCIM and generate a SCIM token.
In Okta, enable Provisioning on the app and paste the SCIM base URL + token.
Pick the actions to enable: Create users, Update user attributes, Deactivate users.
Map attributes (email, firstName, lastName, groups → roles).
Push existing assignments. Users are provisioned within seconds.

Same flow works for Azure AD, Google Workspace, JumpCloud, and OneLogin. Pick the provider in step 1.

Was this article helpful?

We use this to prioritize what to rewrite next.

Most articles take less time to do than to read.