Prerequisites
To configure SAML SSO for your Akur8 environment, you need at least one user with the IT Admin role. This role has the necessary permissions to access SSO configuration settings in Akur8, configure SAML authentication parameters, manage identity provider connections, and test and validate SSO functionality.
Configuration Steps
Step 1: Retrieve SAML Information from Akur8
Log into your Akur8 account as an IT Admin
Navigate to Security settings from the main menu
Click the CREATE CONNECTION button
You will see Akur8's SAML Service Provider details. Keep this page open - you'll need these values when configuring Okta:
Audience (Service Provider Entity ID)
Assertion Consumer Service URL
Single Logout URL
💡 Tip: Copy these values directly from the Akur8 interface - you'll paste them into your identity provider in the next steps.
Step 2: Add Akur8 to Your Identity Provider
Open your identity provider's admin console and create a new SAML 2.0 application for Akur8.
Enter the ACS URL and Entity ID from Step 1.
Set the Name ID to use email addresses - this is important for matching users correctly.
When you're done, download your identity provider's SAML metadata. This file contains the details Akur8 needs to connect.
Alternatively copy Identity Provider metadata URL, if available.
💡 Info: For IdP specific documentation, check the following sections:
Okta
Okta
Create a SAML Application in Okta
Log into your Okta Admin Console
In the left sidebar, navigate to Applications → Applications
Click the Create App Integration button
In the dialog that appears:
Select SAML 2.0 as the sign-in method
Click Next
General Settings
Configure the general application settings:
App name: Akur8 (or your preferred name)
App logo: (Optional) Upload your company or Akur8 logo
Click Next
SAML Settings
In the Configure SAML tab, enter the values from Step 1:
General SAML Settings:
Single sign-on URL: Paste the Assertion Consumer Service URL from Akur8
✅ Check "Use this for Recipient URL and Destination URL"
Audience URI (SP Entity ID): Paste the Audience (Service Provider Entity ID)
Name ID format: EmailAddress
Application username: Email
Click Next
Attribute Statements (configure the following mappings):
Name | Name format | Value |
Unspecified | user.email | |
name | Unspecified | user.displayName |
In the Feedback tab:
Check “This is an internal app that we have created”
Click Finish
Azure AD
Azure AD
Coming soon.
Step 3: Connect Your Identity Provider to Akur8
Go back to the SSO configuration section in Akur8. Upload your identity provider's metadata file.
Or paste the Identity Provider metadata URL.
Click NEXT.
Add your company's email domains (like @yourcompany.com). This ensures only your employees can log in through SSO.
Save your configuration by clicking SAVE CONNECTION.
Step 4: Test Before Rolling Out
Start with a small test group. Don't enforce SSO for everyone right away.
Have a test user go to the Akur8 login page, enter their work email and click on "Login with SSO" button.
They should be redirected to your company's login page. After logging in there, they should land back in Akur8.
Once testing works well, assign more users to Akur8 in your identity provider.
Common Issues
Can't log in? Check that the user is assigned to Akur8 in your identity provider. Make sure their email matches in both systems.
Login works but can't access Akur8? Verify the user's permissions in Akur8. Double-check that email is mapped correctly as the Name ID.
Can't find SSO settings? Confirm you have the IT Admin role.