Single Sign On (SSO)

Enigma SSO is compatible with any SAML 2.0 identity provider, such as Okta or Active Directory Federation Services.

For illustrative purposes, the following step-by-step details how to configure Okta as a SAML provider for the Enigma Console.

Configure Okta Part 1

  1. Add a new SAML pass-through app

    1. Click on “Browse App Catalog
    1. Select “SAML Service Provider”
    1. Click “Add Integration”
    1. Complete setup wizard for the SAML app
  2. Navigate to the SAML app and make note of the “Metadata URL”. This will be used later when onboarding to the Enigma Console

  1. Click “Edit” in the “Settings” panel and add attribute mappings for email, givenname, familyname, and name

The SAML app is now ready to be onboarded. Proceed to Configure Enigma Console

Configure Enigma Console

  1. Login to the Console using standard sign-in (username + password)
  2. Go to
  3. Click on “Configure Identity Provider”
  1. Fill out all the fields in the form and click “Save Configuration”
  1. Copy the values provided in the “Enigma Sign-On Settings” panel. These values will be used in the final step detailed in Configure Okta Part 2

Configure Okta Part 2

  1. Add the “Enigma Sign-On Settings” values to the SAML app
  1. Any users assigned to the SAML app will now be able to login through SSO from

Note: There is a slight propagation delay of a few minutes for the Enigma Console to recognize the onboarded identity provider. If logging in with SSO does not work immediately after following the above steps, wait a few minutes and try again.