Configure single sign-on using SAML and Okta identity provider

Configure identity providers like Okta to enable enterprise SSO login to shared email accounts. Create company mailboxes with auto-forwarding and RBAC login.

share email account with okta

MailSlurp enterprise plans support SSO SAML login. This post will demonstrate how to establish an integration with your Okta identity pool. While these steps apply to Okta they also apply to other identity providers that support SSO. This guide assumes you have created a MailSlurp organization in the dashboard app.

Prerequisites

  • Make sure you have a MailSlurp account
  • Upgrade your account to an enterprise plan
  • Create an organization in MailSlurp for your team

1) Create integration in Okta

Log into your Okta or IdP account and create a new internal application pairing using SAML 2.0:

Add integration

Specify SAML 2.0 for the sign in method: Add SAML

2) Pick a name

Add a name and application icon if desired.

Add name

3) Add single sign-on URL (ACS)

An important step is to provide your Idp with an ACS SAML assertion URL so that you can login. For the Audience URI use the same ACS URL.

Edit SAML

Use the slug for your organization instead of the big-corp-1 slug shown in the images.

4) Configure name ID format

You must tell your IdP to map the email address of your user to the name ID so that MailSlurp can identify them. For name ID format use EmailAddress. For application username use Email.

5) Add issuer, certificate, and entrypoint to MailSlurp

Next view the setup instructions for your SAML integration:

  • Go to the MailSlurp dashboard organizations page and create a new SAML settings configuration.
  • Copy the certificate, issuer, and entry point from your IdP and paste them into the MailSlurp SAML settings create form.

The SAML settings can be found in Okta by click the View SAML setup instructions button on the Okta integration page.

View setup

Click the view setup button to reveal the X.509 certificate, issuer, and sign on URL.

Setup instructions

Copy these values into the MailSlurp SSO settings form on the organization page:

Add issuer config

Save the SAML settings to enable the MailSlurp integration.

6) Login to SAML organization

Invite and manage users using your identity provider. Users can access the application at https://enterprise.mailslurp.com/login?slug=<YOUR_ORGANIZATION>, the enterprise homescreen https://enterprise.mailslurp.com/, or using the IdP access page.

SAML access