Statuspage is available within the Okta app catalog, making it easy to manage and provision access to your Statuspage.io account.
Follow the instructions below to enable SSO Viewership for your Access Control Statuspage.
Start in your Statuspage Settings Page
- Log into status page, and navigate to Manage Account, to confirm that the Page Audience tab is available. If you do not see this tab, SSO for Page Viewers has not been enabled for your account, you can contact us for help!
- Follow the instruction to setup Okta Setup for Employee Viewers. Once completed, please return here to continue with the Access Control specific configuration.
Access Control specific setup in Okta
Once the Page Audience tab has been activated and the initial Okta setup has been completed, we can move forward with setting up the Access Control specific piece. For this, we’ll need to configure your SAML assertion to map to an Access Control group. This requires configuration both in Statuspage, as well as in Okta.
When configuring SAML for an Access Controlled Page, you’ll notice that the Statuspage metadata requires two additional Attributes, one of which is called ‘groups’. When your Statuspage parses an incoming SAML Assertion, it parses out this value to determine what Access Control group to match against for the incoming user. Configure your SAML assertion to send an Attribute called ‘groups’, which will either contain a group name, or other unique identifier.
To do so, navigate to your Okta admin portal and open the Statuspage.io application.
Select the Sign on tab and click the Edit button.
Select Regex in the groups dropdown and add ".*" to the text field next to it. The Regex setting allows filtering and will allow your Okta application to pass the user's group attribute.
Click the Save button.
Click on the Directory link and select Profile Editor
Select or search for your Statuspage application and click the Edit Profile button.
Click the +Add Attribute button.
In the Display Name and Variable Name enter the word "Groups", check the Attribute Required checkbox and click the Save button.
Access Control specific setup in Statuspage
Log in to your Statuspage Management Portal and select the Access Control section. Make sure you are on the Groups tab and click the +Add Page Access Group button.
Add a Group Name and the External Identifier from Okta. The External Identifier that is used here is the Group Name from Okta. The Group Name within Statuspage can be anything, the External Identifier however, needs to be the same as the corresponding Group Name within Okta.
Open an Incognito/Private browser window (this will ensure cached settings are not used) and navigate to your Statuspage. This should bring up the Okta login window.
Login with the credentials of a user that belongs to the Group that was just created in Statuspage. If the setup and configuration is correct, the user will be logged in.
Congratulations! You have just enabled Single Sign-on for your Access Control Statuspage account.
The most common issue encountered when setting up SSO for Access Control will display the following screen when a user attempts to login.
This means that the user is not associated with a Access Control Group that is authorized to view your Statuspage. The main step to resolve this would be to ensure that the user is part of a Group in Okta that has been setup in Statuspage as well.
If you experience issues with the setup of Okta SSO for your Access Control environment, please contact us.