Statuspage is available within the Okta app catalog, making it easy to manage and provision access to your Statuspage.io account.
Follow the instructions below to enable SSO Viewership for your audience-specific status page.
Start in your Statuspage Settings Page
- Log into status page, and navigate to Manage Account, to confirm that the Page Type tab is available.
a. If you do not see this tab, SSO for users has not been enabled for your account, you can contact us for help!
- Follow the instruction to setup Okta Setup for Employee Viewers. Once completed, please return here to continue with the audience-specific configuration.
Audience-specific setup in Okta
Once the page type tab has been activated and the initial Okta setup has been completed, we can move forward with setting up the audience-specific piece. For this, we’ll need to configure your SAML assertion to map to an Audience-specific group. This requires configuration both in Statuspage, as well as in Okta.
When configuring SAML for an audience-specific page, you’ll notice that the Statuspage metadata requires two additional Attributes, one of which is called ‘groups’. When your Statuspage parses an incoming SAML Assertion, it parses out this value to determine what audience-specific group to match against for the incoming user. Configure your SAML assertion to send an Attribute called ‘groups’, which will either contain a group name, or other unique identifier.
To do so, navigate to your Okta admin portal and open the Statuspage.io application.
Select the Sign on tab and click the Edit button.
Select Regex in the groups dropdown and add ".*" to the text field next to it. The Regex setting allows filtering and will allow your Okta application to pass the user's group attribute.
Click the Save button.
Click on the Directory link and select Profile Editor
Select or search for your Statuspage application and click the Edit Profile button.
Click the +Add Attribute button.
In the Display Name and Variable Name enter the word "Groups", check the Attribute Required checkbox and click the Save button.
Audience-specific setup in Statuspage
Log in to your Statuspage Management Portal and select the Audience section. Make sure you are on the Groups tab and click the +Add Group button.
Add a Group Name and the External Identifier from Okta. The External Identifier that is used here is the Group Name from Okta. The Group Name within Statuspage can be anything, the External Identifier however, needs to be the same as the corresponding Group Name within Okta.
Open an Incognito/Private browser window (this will ensure cached settings are not used) and navigate to your Statuspage. This should bring up the Okta login window.
Login with the credentials of a user that belongs to the Group that was just created in Statuspage. If the setup and configuration is correct, the user will be logged in.
Congratulations! You have just enabled Single Sign-on for your audience-specific Statuspage account.
The most common issue encountered when setting up SSO for audience-specific pages displays the following screen when a user attempts to login.
This means that the user is not associated with an audience-specific group that is authorized to view your Statuspage. The main step to resolve this would be to ensure that the user is part of a Group in Okta that has been set up in Statuspage as well.
If you experience issues with the setup of Okta SSO for your audience-specific environment, please contact us.