Single Sign On With Okta

If you don't have access to the Single Sign On configuration screen, please reach out to our support team at

Currently, our Okta integration is a one-way integration. Users whose accounts are auto-provisioned with Okta are set to the member role.

To enable SSO with Okta:

  1. Log in as an owner of your FireHydrant organization.
  2. In the left nav, click Organization > Single Sign On.
  3. On the Single Sign On page, check the box labeled Enable SSO.
  4. Additional fields appear. In these fields, provide your IdP Login URL, IdP issuer, and IdP X509 certificate. 
  5. In Okta, go to the FireHydrant integration SSO page and click View Setup Instructions.
  6. On the next page, copy the Single Sign On URL, Identity Provider Issuer, and X509 certificate values. Enter these values into the fields in FireHydrant for your Single Sign On settings.


Domains are the email domains you use to send and receive messages. For example, if your email is, add to your domains list. When a user visits the FireHydrant login page (instead of using Okta to log in) and types in their email address, a prompt will direct them to log in with Okta instead.

Just-in-time provisioning

When a user is authenticated with Okta, they are automatically added to the organization with a member role if they do not have an account. Otherwise, accounts are matched on the email provided by Okta on a successful login. When a user is removed from Okta, they are not automatically removed from FireHydrant.


To test, leave your session in FireHydrant open, visit Okta in a new window or tab, and attempt to log in with your newly configured integration. Leaving your FireHydrant session open should prevent you from getting locked out of your account during setup. If you do encounter a lockout, email for help.

Was this article helpful?
0 out of 0 found this helpful

Articles in this section

Register your product
You can get support that’s tailored to you, owner exclusives and more
Our helpline hours:
8:00am - 8:00pm CST Monday to Friday; 9:00am - 6:00pm CST Saturday
Follow us on Twitter
Get the latest news and updates first