Okta Single-Sign-On

This guide walks you through setting up Single Sign-On (SSO) with Okta, allowing your team to securely access our platform using your existing company credentials.

Overview

Herd integrates directly with Okta Single-Sign-On in all editions of the product. Helping Okta specific organizations onboard faster than anyone else.

The Herd application is not directly available on the Okta marketplace. You'll need to follow a custom app integration once inside your Okta SSO admin console.

Prerequisites

  • An active Okta SSO account

  • Admin level credentials within the Okta SSO admin console

  • Check that you have not reached your Okta app limit. In some Okta plans, there is a cap to how many applications you can setup via SSO. Professional & Enterprise edition typically have an unlimited amount.

  • As of August 2025: It's recommended that you do this live with a Herd representative as it requires a manual change on the backend by one of our engineers.

Add Application To Okta SSO (Open ID Connect)

  1. In your Okta dashboard, go to Applications and click Create App Integration.

  1. Select OIDC - OpenID Connect as the sign-in method.

  1. Choose Web Application as the application type.

  1. Name the app something like "Herd" or "Herd Security" so it’s easy to identify later.

  1. Select users or groups that will have access to the application. Note that this is ONLY for users that will have access to the Herd admin console. General users should not be provided access.

  1. Hit Save when done

Client ID and Client Secret

Once the app integration is created in Okta, you'll need to share the Client ID and Client Secret with the Herd team. These fields should be automatically generated in the Client Credentials section.

Securely share this information with the Herd team either live on the call or with a password vault access.

Sign-In Redirect Setup

  1. Once you get the confirmation from the Herd team, you'll need to add the Sign-In Redirect URL's to finish the integration. Scroll down the page to General Settings and select Edit.

  1. Scroll down to the Login section

  2. Change the Sign-In Redirect URI to your organizations login URL it should be similar to: https://ORGANIZATIONID.auth.us-west-2.amazoncognito.com/oauth2/idpresponse

*Replace the ORGANIZATIONID with the one provided by Herd.

  1. Set the Sign-Out Redirect URI to https://app.herdsecurity.io

  2. The final settings should look similar to the screen below

Set Application Image

  1. Scroll to the top of your application settings.

  2. Select the pencil button next to the gear icon.

  3. Save the image below.

  1. Place it into Okta.

  2. The login will now show the picture when look at the Okta App SSO view.

PreviousAdmin Console (temporarily in getting started)NextOkta Group & App Sync

Last updated