Skip to main content

SAML2 Authentication with Okta

Enable secure Single Sign-On (SSO) and automatic user provisioning using Okta and Screenloop.

Screenloop supports SAML2 authentication via Okta, allowing organisations to centralise login management and automatically create user accounts when employees sign in for the first time.

Who can use this?

  • Screenloop Admin users

  • Organisations using Okta as their identity provider

Before you begin

Ensure you have:

  • Admin access in Screenloop

  • Admin access in Okta

  • Permission to create SAML applications in Okta

Enable SAML2 Authentication in Screenloop

  • Go to Settings > Authentication

  • Select SAML2 provider for automatic sign-up

This allows users in your organisation to authenticate through Okta.

Create a SAML Application in Okta

In Okta Admin:

  • Navigate to Applications

  • Click Create App Integration

Configure Sign-In Method

In the popup:

  • Select SAML 2.0

  • Click Next

General Settings

Complete the following:

  • App Name: Screenloop

(Optional) Upload a custom app logo.

Click Next.

Configure SAML Settings

Complete the SAML configuration using the values below.

General SAML Settings

Field

Value

Single sign-on URL

https://app.screenloop.com/auth/saml/auth

Audience URI (SP Entity ID)

https://app.screenloop.com/auth/saml/metadata

Name ID format

Transient

Application username

Email

Update application username on

Create and update

Attribute Statements

Add the following attributes:

Name

Value

first_name

user.firstName

last_name

user.lastName

Finish the Okta Application Setup

At the bottom of the page:

  • Click Next

  • Select:
    “I'm an Okta customer adding an internal app”

  • Click Finish

Download the Identity Provider Metadata XML

After setup:

  • Open the Sign On tab of the Screenloop application

  • Click Identity Provider metadata

  • Save the XML file to your computer

This file will be uploaded into Screenloop.

Configure SSO in Screenloop

In Screenloop:

  • Go to Settings > Authentication

  • Open SSO via SAML2

  • Click Upload File

  • Upload the Okta Metadata XML file

Enable Just-In-Time Provisioning

After uploading the XML:

  • Enable Just In Time Provisioning

This allows Screenloop accounts to be created automatically when users sign in for the first time.

This simplifies onboarding and reduces manual user management.

Existing Users

Existing Screenloop users will automatically authenticate through Okta once SSO is enabled.

No new accounts or migration steps are required.

Important Notes

  • Incorrect SAML URLs or attributes may prevent login from working

  • Admin permissions are required in both Okta and Screenloop

  • Users must be assigned to the Screenloop application in Okta

  • JIT provisioning automatically creates accounts for first-time users

Recommended Best Practices

  • Use Okta groups to manage Screenloop access centrally

  • Test SSO with a small user group before full rollout

  • Keep metadata updated if certificates change

  • Enable JIT provisioning for smoother onboarding

Related Articles
Google Authentication (SSO) Setup
SAML2 Authentication with Azure Active Directory
Configure Organisation Account Settings
Did this answer your question?