" Single Sign-On Setup for Okta
User Guide
Nitro Admin Portal

Single Sign-On Setup for Okta

Step 1: Create a new application on Okta

1. Log in to the Okta Admin Console.
2. From the left navigation pane, select Applications.
3. Click Create App Integration.

Screenshot 2025-06-13 at 18.09.40.png

4. In the Create a new app integration panel, select SAML 2.0 and click 'Next.'

Screenshot 2025-06-13 at 18.18.48.png

5. On the General Settings step

Screenshot 2025-06-13 at 18.20.19.png

6. On the 'Configure SAML' step

  • Under SAML Settings, enter the following placeholder values:
    • Single Sign-On URL: https://gonitro-prod.eu.auth0.com/login/callback
    • SP Entity ID:placeholder

These will be updated later in Step 3.

Screenshot 2025-06-13 at 18.21.15.png

7. Under Attribute Statements, map the following fields:

NameValue
emailuser.email
given_nameuser.firstName
family_nameuser.lastName
Image 5.png

8. Click Next through the remaining steps to complete the app creation.

Screenshot 2025-06-13 at 18.31.39.png

9. Go to the Sign On tab of the newly created application.
10. Under Metadata Details:

  • Download the Signing Certificate
  • Copy the Sign on URL
Screenshot 2025-06-13 at 18.33.38.png

11. Rename the certificate file extension from .cert to .cer before uploading to Nitro Admin Portal.

Step 2: Set Up SAML SSO in the Nitro Admin Portal

1. Log in to the Nitro Admin Portal
2. From the left navigation pane, go to Settings, then navigate to the Single Sign-On tab.
3. Click Edit Configuration

Screenshot 2025-06-13 at 18.34.19.png

3. Paste the Sign on URL copied from Okta into the Sign-in URL field.

4. Upload the Signing Certificate downloaded from Okta into the X.509 Signing Certificate field. (Make sure the certificate file extension .cer before uploading)

Screenshot 2025-06-13 at 18.35.46.png

5. Click Submit and Enable SSO, then click Save.

Screenshot 2025-06-13 at 18.37.02.png

6. Copy the following values for use in the next step:

  • Entity ID
  • Reply URL 1
  • Reply URL 2

Step 3: Update SAML Settings in Okta

1. Go back to Okta Admin Console.

2. Navigate to Applications > Nitro SSO App > Sign On tab, Click Edit on SAML Settings

3. Update the placeholder values using the values copied from Nitro Admin:

  • Paste SAML Entity ID to Audience URI (SP Entity ID)
  • Paste Reply URL 1 to Single sign-on URL
Screenshot 2025-06-16 at 09.55.43.png

4. Paste and Reply URL 2 to Other Requestable SSO URLs

Okta does not support query parameters (e.g., ?connection=xxxx) in the Requestable SSO URL. Therefore, only add: https://auth.gonitro.com/login/callback

5. Save Changes
6. Click General Tab
7. Click Edit on App Settings
8. Set Provisioning to On-Premises provisioning
9. Click Save

Tags
Single Sign-On (SSO)