This article explains how to set up and use the SAML 2.0 Integration, so your organization can rely on Single Sign-On, using Okta as the Identity Provider, and require employees to authenticate using your Okta Users directory.
Before you begin
How to connect the SAML 2.0 Connector integration
To set up SSO using the SAML protocol, you need to connect to the "SAML 2.0" integration.
From the Deel home page, select the Hub icon and Apps tab search for SAML 2.0 and click on connect to initiate integration.
Keep this screen open, we'll need to get the URL from Okta.
How to set up a new Okta application
To enable Deel to authenticate users via Okta using SAML 2.0 SSO protocol, we'll need to create a new application, following these steps:
✅ Step 1 - Using the Administrator Portal, navigate to the applications page in Okta, by clicking on Applications and then Applications in the left menu.
✅ Step 2 - Click on Create App Integration, then choose SAML 2.0 and click Next.
✅ Step 3 - Give the app a name, for example, Deel SSO, and click Next.
✅ Step 4 - On the next step Configure SAML, enter a placeholder url in the Single sign-on URL field, and provide a unique entity ID on the Audience URI (SP Entity ID) field. Scroll down and click Next to proceed.
✅ Step 5 - Select This is an internal app that we have created for the App Type field. Then click Finish to complete the process.
✅ Step 6 - Once finished, you'll land on the SSO App settings. On the Sign On tab, copy the Metadata URL.
✅ Step 7 - Go back to the Deel integration configuration page, and paste the metadata url in the Metadata URL field. Then, for the Entity ID field, enter the same entity id provided in the Okta configuration, and click on Connect & Go to Settings.
✅ Step 8 - You'll be redirected back to the integration page, in the Single sign-on configuration panel. Enter a name for the SSO application, and copy the Redirect URL.
✅ Step 9 - Back to the Okta settings, click on the General tab, and click Edit in the SAML Settings section. Click Next, and paste the Redirect URL from Deel in the "Single sign-on URL" field. Then click "Next" again and "Finish" to complete the set up.
✅ Step 10 - To assign this application to specific users, you can use the Users tab on the left, or you can configure specific roles to assign this application to entire groups of users. To better understand how Groups and Roles work in Okta, see their training page on this topic.
✅ Step 11 - Back to Deel's SAML 2.0 settings screen, click on Enable to enable SSO for your organization.
Once enabled, your organization will require SSO for any employee to login.
To disable SSO at any given time, you just need to go back to this integration, and click on More and Disconnect.
FAQ
[ACCORDION] Does this integration support LastPass?
No, this integration currently doesn't support LastPass.