Learn how to configure SSO using Okta SAML.

Today, Cove only supports SSO through Okta SAML.


To configure Okta SAML SSO, you must:

  • Be in Admin mode in Okta.
  • Have group names that match exactly between Okta and SAML.
  • Have admin permissions in Cove.
  • Have the ability to create a custom SAML application.


  1. Create a custom SAML application in Okta. Use the following settings.

    Single sign-on URL
    Audience URI (SP Entity ID)
    email attribute (you'll add this in the Attribute Statements section)
  2. In the Feedback tab, check I'm a software vendor. I'd like to integrate my app with Okta.

  3. In your app's settings, go to the Sign On tab. Under SAML Signing Certificates > SHA-2, click Actions > View IdP metadata.

  4. Copy the contents of the XML file and log in to Cove. Go to the Single-Sign On (SSO) settings and paste the XML file contents to the Identity Provider Metadata field.

  5. On the same page, enter email in the Attributes section.

  6. In your Okta app under Assignments, assign users or groups to your app.