|
| 1 | +--- |
| 2 | +date: 2025-06-12 |
| 3 | +title: Pusher Channels Docs | SSO |
| 4 | +description: Our third party integrations mean you can make the most out of building your apps with Channels. Including Librato, Datadog and Metrics. |
| 5 | +layout: channels.njk |
| 6 | +eleventyNavigation: |
| 7 | + parent: Miscellaneous |
| 8 | + key: SSO |
| 9 | + order: 3 |
| 10 | +--- |
| 11 | + |
| 12 | +# SSO |
| 13 | + |
| 14 | +SSO support for enterprise users. Pusher dashboard currently supports SSO with Okta. |
| 15 | + |
| 16 | +> **Note:** SSO support is only available to Custom plans. Contact sales for more information. |
| 17 | +
|
| 18 | +## Okta |
| 19 | + |
| 20 | +### Step 1: Create an application on Okta |
| 21 | + |
| 22 | +As an Okta adminstrator, create a new Application for Pusher with the following parameters: |
| 23 | + |
| 24 | +1. Sign-in method: **OIDC - OpenID Connect** |
| 25 | +1. Application type: **Web Application** |
| 26 | +1. Application Name: **Pusher** |
| 27 | +1. Sign-in redirect URIs: **https://dashboard.pusher.com/accounts/auth/okta/callback** |
| 28 | +1. Sign-out redirect URIs: **https://dashboard.pusher.com/accounts/sign_in** |
| 29 | +1. Initiate login URI: **https://dashboard.pusher.com/accounts/sign_in** |
| 30 | +1. Login initiated by: **Either Okta or App** |
| 31 | + |
| 32 | + |
| 33 | +### Step 2: Add your Okta settings to Pusher dashboard |
| 34 | + |
| 35 | +To setup SSO with Okta, go to your account page in the Okta SSO section and: |
| 36 | + |
| 37 | +1. Click enable |
| 38 | +1. Fill in your Okta settings in the form |
| 39 | + - Organization Domain: is used to verify the ownership of login email domains |
| 40 | + - Issuer URL: should be in the format **https://mydomain.okta.com** |
| 41 | + - Client ID & Client Secret: obtained from your Okta application |
| 42 | + - Authorize URL: defaults to **$ISSUER_URL/oauth2/default/v1/authorize**. Change as you see fit |
| 43 | + - Token URL: defaults to **$ISSUER_URL/oauth2/default/v1/token**. Change as you see fit |
| 44 | + - User Info URL: defaults to **$ISSUER_URL/oauth2/default/v1/userinfo**. Change as you see fit |
| 45 | +1. Click Save |
| 46 | +1. Click Start Verification. |
| 47 | + |
| 48 | +1. Follow the instructions presented in the dashboard and add the TXT record to your DNS config. |
| 49 | + |
| 50 | +**Pusher will work to verify the domain in the background.** |
| 51 | +1. Once the domain is verified, you will see a similar message in the dashboard: |
| 52 | + |
| 53 | + |
| 54 | +1. Your Okta users can visit Pusher using the Pusher Okta app in your organization's Okta dashboard. |
| 55 | +**Since Pusher dashboard doesn't support multi-tenancy at the moment, in order for Pusher dashboard to identify your issuer, SSO Logins can only be through the Okta dashboard Pusher app.** |
| 56 | +1. Users can click on "Sign in with Okta" to sign in: |
| 57 | + |
0 commit comments