![Precog_logo_color-3.png]](https://support.precog.com/hs-fs/hubfs/Precog_logo_color-3.png?height=40&name=Precog_logo_color-3.png){kind=logo}
Setting Up SSO with Precog
Precog can accommodate SSO, but it is not required.
If your organization requires Single Sign-On (SSO), Precog supports this option. While SSO is not required, it can be enabled for customers who need it. Because this integration requires setup and ongoing support, SSO is only available as an add-on feature, and your organization is responsible for the associated cost.
With SSO, your team can sign in using the same company credentials they already use for email and other internal systems. This eliminates the need for separate usernames and passwords and gives your organization full control over managing user access.
Here’s how it works:
- Integration – Precog connects our product to your identity provider (such as Okta, Azure AD, or another SSO solution you use).
- Authentication – When your employees sign in, they’ll be directed to your identity provider to confirm their credentials.
- Access granted – Once verified, they’re automatically logged in to our product—securely and without a separate password.
Example Overview of SSO with Okta
This setup allows users in Okta to authenticate into applications using Auth0 (Precog uses Auth0). In this configuration, Okta is the Identity Provider (IdP) and Auth0 is the Service Provider (SP).
- Decide the Roles
- Okta acts as the Identity Provider (IdP) → it holds the user identities and handles authentication (usernames, passwords, MFA, etc.).
- Auth0 acts as the Service Provider (SP) → it connects your applications to Okta, so users can log in with their Okta credentials.
- Okta acts as the Identity Provider (IdP) → it holds the user identities and handles authentication (usernames, passwords, MFA, etc.).
- Exchange Metadata
- Auth0 provides connection details (like a callback URL and Entity ID).
- Okta provides identity provider details (like SSO URL, Issuer, and Certificate).
- These details are exchanged so both systems “trust” each other.
- Auth0 provides connection details (like a callback URL and Entity ID).
- Configure in Okta
- An admin creates an app integration in Okta and enters Auth0’s details.
- Assign users/groups in Okta who should be allowed to sign in.
- An admin creates an app integration in Okta and enters Auth0’s details.
- Configure in Auth0
- A Precog admin sets up a SAML or OIDC connection in Auth0 using the information from Okta.
- A Precog admin sets up a SAML or OIDC connection in Auth0 using the information from Okta.
- Login Flow
- A user tries to log in to Precog.
- Auth0 redirects them to Okta to authenticate.
- Okta validates their credentials and sends a secure assertion (like a SAML token) back to Auth0.
- Auth0 passes the user identity on to Precog, granting access.
- A user tries to log in to Precog.