Overview
This guide walks you through configuring Okta as the Identity Provider (IdP) for Maxim AI using SAML 2.0. You will:- Create a SAML 2.0 app in Okta
- Configure SAML settings and attributes
- Assign users and groups
- Upload Okta metadata to Maxim AI and test SSO
Prerequisites
- Okta administrator access
- Maxim AI admin access
- SAML-based Single Sign-On (SSO) enabled for your plan. Check plans for more details.
Step-by-Step Setup
1
Create a SAML 2.0 application in Okta
In Okta Admin Console, go to Applications → Applications and click “Create App Integration”
2
Configure sign-in method
Select “SAML 2.0” and click “Next”
3
Application details
Enter an app name (e.g., “Maxim AI”) and optionally upload an icon
4
Configure service provider details
In the SAML settings:
- Single sign-on URL (ACS URL):
https://app.getmaxim.ai/api/oauth/saml - Audience URI (Entity ID):
www.getmaxim.ai - Name ID format: EmailAddress
- Application username: Email
- email → user.email
- firstName → user.firstName
-
lastName → user.lastName
5
Support settings
In Okta, leave the default support contact settings unless your org requires custom values, then click “Next”.
6
Copy IdP metadata URL
Copy the IdP metadata URL from the Sign On tab of your Okta app
7
Upload IdP metadata to Maxim
- Log in to Maxim AI, go to Settings → Single sign-on, and click “Add identity provider”
- Enter your email address domain as the tenant identifier
- Enter “Okta” as the name for the identity provider
- Paste the IdP metadata URL and click “Add provider”
8
Assign users and groups
- In the Okta app, open the Assignments tab
- Assign People and/or Groups who should access Maxim AI
- Confirm users have valid email addresses matching their Maxim AI accounts