SAML Configuration
All of Aviator’s cloud accounts support Google SSO based login. Self-hosted Aviator deployments support Google, Okta, Active Directory, or other SAML SSO providers.
Aviator supports SAML 2.0 based authentication. To request SAML authentication for your account, please contact [email protected]. See instructions below for Okta. If you have any other identity provider, please contact us for instructions.
Please replace app.aviator.co with with aviator.yourdomain.com in the instructions below.
- 1.Sign into Okta as an administrator.
- 2.Go to Admin Dashboard > Applications > Add Application. If you don't see that option, you might need to switch to the Classic UI, using the drop-down in the upper left.
- 3.Click Create New App and choose SAML 2.0 as the Sign on method.
- 4.Enter General Settings for the application:
- App name: Aviator
- App logo (optional). You can download the application logo for the application, you can download one from here.
- 5.
- 6.

identity provider setup
8. Enter SAML Settings, including:
- Single sign on URL: enter the URL you copied in Step 6
- Audience URI:
mergequeue
- Default Relay state: <leave empty>
- Name ID format:
EmailAddress
- Application username:
Email
9. Enter the attribute statements, which will be used to map attributes between Okta and Aviator. Please note that these values are case-sensitive.

10. Click Next. Then, set Okta support parameters for the application. Recommended settings:
- I’m an Okta customer adding an internal app
- This is an internal app that we have created.
11. Click Finish. On the next screen, click the Sign On tab and go to SAML Signing Certificates and select SHA-2 Actions dropdown. Select View IdP metadata.

12. Copy the url that it opens, this is your Metadata URL. It should typically end with:
/sso/saml/metadata
13. Go to the Assignments tab, and assign the app to the appropriate groups / users to access.
14. Go back to the SAML configuration page and update the following properties: https://app.aviator.co/saml/okta/configure
- Metadata url: Paste the Metadata URL copied from step 11
- Click Save and Activate
This should enable the Okta configuration for your organization. Please verify this by logging out and logging in directly from Okta portal.
Notes:
- This is idp initiated authentication, so you can login in directly from the Okta portal.
- It’s also recommended to post an announcement for your users to explain how the migration will work.
Last modified 2mo ago