Okta

Configure SSO on CoreWeave with Okta

To configure CoreWeave SSO using Okta as your identity provider, first create a new SSO configuration on CoreWeave.

On the configuration screen, select Okta from the Your IDP drop-down menu.

note

It's recommended to keep the CoreWeave Cloud window open so that you may reference the values provided by CoreWeave during this configuration.

Configure Okta

Navigate to the Okta Admin Console to create a SAML app integration to begin configuring Okta's side of the SSO connection.

General settings

From the SAML integration screen, enter an application name (such as CoreWeave Cloud). Optionally, add an app logo to display in the Okta application menu. Then, click Next.

Additional Resources

For more information on Okta's SAML integration fields, refer to Okta's Application Integration Wizard SAML field reference.

The Okta IDP configuration page

Configure SAML

On the following menu, Configure SAML, enter the Single sign-on URL provided in the CoreWeave SSO configuration panel.

note

What Okta calls the Single-sign on URL is the same as the Assertion Consumer Service (ACS) URL provided in the CoreWeave SSO configuration panel.

Check the box beside "Use this for the Recipient URL and the Destination URL."

The general configuration fields should be set to the following values:

Field	Value
Single sign-on URL	Provided by CoreWeave. (See: Configure the IDP)
Audience URI (SP Entity ID)	Provided by CoreWeave. (See: Configure the IDP)
Name ID format	Unspecified
Application username	Okta username
Update applicaton username on	Create and update

A complete SAML integration for CoreWeave Cloud on the Okta side

Attribute statements

Next, on the same page, configure the Attribute Statements for the SAML integration. The attribute statements fields should be set to the following:

Name	Name format	Value
first_name	Unspecified	user.firstName
last_name	Unspecified	user.lastName
email	Unspecified	user.email
login	Unspecified	user.login

Attribute statements formatted for Okta

note

The email attribute is what uniquely identifies users.

Identity provider URL, issuer, and X.509 certificate

To acquire the identity provider URL, the IDP Single sign-on URL, and the X.509 certificate, click the View SAML setup instructions button on the right-hand side of the "Configure SAML" page.

The "View SAML setup instructions" button is on the right-hand side of the SAML configuration screen

This will redirect to a "How to" page, which contains all values for these fields.

The provided values in these fields must be added to their associated fields in the CoreWeave SSO configuration menu.

Feedback

The final portion of the Okta SAML integration is a feedback form for Okta, and may be filled out as you wish - this feedback is used by Okta. Once this section is complete, click Finish.

Configure CoreWeave SSO

If not already complete, return to the CoreWeave SSO configuration menu to finish setting up and enabling the SSO configuration.