SAML configuration for Okta
Follow these steps to configure Single Sign-On (SSO) to Canva via Okta:
- Create a new SAML 2.0 application in your Okta account.
- Enter the app name (Canva) and optionally add a logo. Click Next.
- Fill out the appropriate fields with the following:
– Single sign on URL: https://www.canva.com/login/saml
This is where user identity will be posted to after authentication via Okta.
– Audience URI: https://www.canva.com
If not specified, Canva will reject the SAML assertion.
– Attribute Statements: Email, FirstName, LastName
- After finishing, open the settings for the new Okta application.
- Click View Setup Instructions to see the values you need to enter on your Enterprise team’s Account settings.
- Copy the following values from Okta into the text fields in the SAML Authentication section on your team’s Account settings:
– Identity Provider Single Sign-On URL → SAML 2.0 Endpoint (HTTP)
– Identity Provider Issuer → Identity Provider Issuer
– X.509 Certificate → Public Certificate