Skip to contentSkip to navigationSkip to topbar
Page toolsOn this page

Configuring Okta with Twilio SSO


(information)

Twilio Editions feature

Single Sign-On is available to all Twilio Editions customers. Learn more about Editions(link takes you to an external page).

This guide covers configuring your Okta Identity Provider with Twilio for SSO login to Twilio Console. If you are looking to Configure SSO for Twilio Flex or SendGrid(link takes you to an external page), refer to the configuration guides for them:

Before proceeding with SSO Configuration make sure that you have satisfied all of the prerequisites.


Step 1: Create a new SSO Profile in the Twilio Admin Center

step-1-create-a-new-sso-profile-in-the-twilio-admin-center page anchor

Go to Admin Center and click on the Single Sign-On option in the navigation bar as shown below

Admin Center with Single Sign-On link highlighted in navigation.

Create a new SSO Profile by clicking the 'Create new SSO Profile ' button. You will land on the below screen where you can copy or download the SP Metadata.

Twilio SSO setup page for Okta with fields for Audience URL, ACS URL, and optional Recipient and Destination URLs.

Keep this tab open as you will need to copy and paste the Entity ID and Single Sign On URL values in Okta


Step 2: Create a new SAML Application Integration in Okta

step-2-create-a-new-saml-application-integration-in-okta page anchor

In a new tab open your Okta Admin console, go to Applications and click on 'Create App Integration '

Okta Applications page with Create App Integration button highlighted.

You will see a popup as shown below. Select the sign-in method as 'SAML 2.0' and click Next

Okta new app integration with SAML 2.0 selected for sign-in method.

In the next screen, enter an appropriate name for the App you are configuring. This name should be such that your users can recognize and search for it from their Okta home page. You should also upload the Twilio logo from here(link takes you to an external page).

Okta Create SAML Integration with Twilio Console SSO app name input.

Step 3: Configuring SAML settings in your App Integration

step-3-configuring-saml-settings-in-your-app-integration page anchor

To configure the SAML settings, follow the below process -

  • First copy and paste the values for the Single sign-on URL (SSO URL) and Audience URI from the other tab where you have the SSO Profile in Twilio Admin Center.

    • Paste the 'Audience URL/Entity ID' value from the Twilio SSO Profile in the 'Audience URI (SP Entity ID)' field of Okta App Integration
    • Paste the 'Assertion consumer service (ACS)/ SSO URL' value from the Twilio SSO Profile in the 'Single sign-on URL' field of Okta App Integration
  • Keep the checkbox 'Use this for Recipient and Destination URL' selected. Also, keep the 'Default Relay State' blank.

  • Next select 'EmailAddress ' as the Name ID Format and select 'Email ' as the Application username. This configuration tells Okta that the application(Twilio Console) uses the email address of the users as the username (i.e. unique identifier).

Okta settings showing response and assertion signature as signed, and assertion encryption as unencrypted.

For the next step, click on 'Show Advanced Settings '.

  • In the advanced settings, make sure that the Response and Assertion Signature are selected as 'Signed '.
  • The Assertion Encryption should be kept as 'Unencrypted '.
  • You don't need to make any other changes in this section.
Okta-Configure SAML SP Metadata 2.

Upon clicking next, you will see the feedback step as shown below - you can click 'Finish' without entering anything.

Okta form for configuring SAML with options for customer type and app integration details.

Upon clicking 'Finish' you will land on the below screen. Click on the 'View Setup Instructions ' to view the Identity Provider metadata.

Okta settings page for Twilio Console SSO with SAML 2.0 setup instructions highlighted.

You will see the IdP metadata in a new tab as shown below. Keep this tab open as you will need to copy and paste the values from here into the Twilio Admin Center in the next step.

Okta configuration showing Identity Provider URL, Issuer, and X.509 certificate for Twilio SSO.

Step 4: Configure your IdP Metadata into the SSO Profile created in Twilio

step-4-configure-your-idp-metadata-into-the-sso-profile-created-in-twilio page anchor

Go to the tab where you have the Twilio SSO Profile opened. Confirm that you have configured the Signing Option and NameID settings in your IdP and click on Continue

Azure SSO profile configuration with Twilio metadata and download XML option.

In the next step, please update the friendly name of the SSO Profile to an appropriate value that you can recognize and select 'Okta ' as the Identity Provider from the dropdown.

SSO profile configuration with Okta selected as the identity provider in Twilio Admin Center.

Upon selecting the Identity Provider you will see the IdP metadata fields as shown below. Copy and paste the corresponding values from the Okta Setup Instructions page that is open in another tab.

Configure SAML metadata for Okta as Identity Provider in Twilio Admin Center.

After configuring these 3 values from your Okta Application into the Twilio SSO Profile, click the 'Save & Continue' button to save the SSO Profile and proceed to the next step to test the SSO Connection.


Okta's documentation for creating a SAML App Integration(link takes you to an external page)