Setting Up OKTA SSO

SSO is exclusively available for Corporate clients and select directly purchased plans. If you are interested in access to SSO, please connect with our sales team here.

This article is intended for administrators setting up SSO for their teams on RocketReach.

1. Okta Setup 
2. RocketReach Setup
3. Logging In

Okta Setup

1. Open a new browser tab or window (preferably in incognito mode), and sign in to your Okta administrator console.
2. Select Applications option from the list:                         
3. On the Applications page, click the Create App Integration button:
4. Search for RocketReach and click the RocketReach app integration (with SAML):
   
5. Click the Add Integration button to begin setting up the RocketReach app integration:
   
   
6. You can modify the default RocketReach Application Label or leave it as-is before clicking Done:
   
   
7. Open the Assignments tab.
8. Click Assign > Assign to People and click the Assign button beside each user you want to approve for single sign-on access to RocketReach.
9. Click Done. Make sure users’ email addresses appear in the User Name field.
10. Select Assignments and assign desired users to the RocketReach app to allow them to log in to RocketReach using SSO.

Select the Sign On tab. In the information bar on the right, click the View SAML setup instructions button:
   

RocketReach Setup

1. Open a new browser tab or window (preferably in incognito mode), and sign in to RocketReach as your Corporate team owner or administrator.
2. Go to My Account page, then select Security: 
                                  
3. Click the Setup SAML Connection button and select Okta in the list on the left side:
4. Submit your SAML Sign-on URL, Identity Provider Issuer, and x509 Certificate, following the steps on the setup instructions page you opened earlier in Okta.
5. Click Test SAML Connection.
6. Once the connection is tested successfully click Save Configuration button.
7. Enable the Single Sign-On function.
8. Log out and test SSO login following the steps below.

Logging In

If you've configured and enabled SSO on RocketReach, your users' sign-in flow will follow one of the two sequences below:

SP-Initiated Flow:

Note: If the user has not yet created their RocketReach account and has been assigned to the RocketReach team, they will need to log in using the IDP-Initiated Flow outlined in the next step for their first login.

1. Users navigate to the RocketReach Login with SSO page using the link on the right side of the login page:
   
2. Once users enter their email, they are redirected to the Okta login page:
   
   
3. Okta requests the user’s username and password. They enter their sign-in credentials. The client passes the SAML response to RocketReach.
4. If valid, users are redirected back into RocketReach and logged in.

IDP-Initiated Flow:

1. Users log in to the Okta dashboard using their company username and password.
2. The user will see a RocketReach tile on the Okta Dashboard if they are assigned the app.
   
3. Upon clicking the RocketReach tile, the user will be automatically logged into RocketReach. If they do not yet have a RocketReach account, one will be created and they will be assigned to the team where Okta is configured.