OnRamp

SSO is an add-on feature with OnRamp. Please contact Customer Success or <a href="mailto:support@onramp.us" rel="nofollow noopener noreferrer" target="_blank">support@onramp.us</a> for more information.

Once enabled by OnRamp, users with Owner permissions can access SSO via Settings

1. Once enabled by OnRamp, users with Owner permissions can access SSO via Settings

Profile - OnRamp 2022-12-12 at 6.50.19 PM

2. Toggle SAML ON and get required setup data

Turn on the switch named “Enforce SAML SSO” and note the “Assertion Consumer Service URL” and “SAML Entity ID”. You’ll need those in a moment (don’t exit out of this page yet):

Profile - OnRamp 2022-12-12 at 6.52.32 PM

Go back to our OnRamp page and enter the URL you just copied into the field marked “SAML Metadata URL” and click “Enable SAML SSO”:

Nothing has happened yet, this provides OnRamp the metadata needed for the steps to configure this in Okta. Now, let’s go to Okta

Step 3: Create a new app integration in the Okta admin console

Login to your admin console for your Okta organization, click on “Applications”, then “Create App Integration” and select the option that reads “SAML2.0” and then click next:

First, give the app a name. You may call it whatever you want, I’m just calling it “OnRamp”. You also don’t have to give it a logo, but if you want a logo, just reach out to us and we can send you one. Once you’ve added those two things, click next.

Then, take those two values from before (the assertion consumer service URL and the SAML entity ID) and paste them into the Single sign on URL and Audience URI fields below. Also, make the NameID format “EmailAddress” and the application username “Email” like we have below. All other fields may be left blank.

After you click next, you’ll be taken to a feedback form provided by Okta, feel free to complete or skip this step. 

Step 6: Get your SAML config from Okta

We’re almost done! Now we just have to get our config from Okta to return back into our OnRamp config. On the page you’re taken to after you finish configuring the Okta app, if you scroll down a little bit, you’ll find a button called “View SAML setup instructions” Click this button:

Now, on the page you’re on, note the fields called Identity Provider sign on URL and the x.509 certificate. You’ll need those for the next step. Back to OnRamp!

Step 7: Save the SAML config in OnRamp

Now, navigate back to your open OnRamp window to configure SSO and choose the SAML (Manual) option. Take those values you got from Okta, and paste them into the fields below (it’s OK if you don’t have a logout URL. That’s normal). After a minute, you should get a notification in the top right corner of your application that says something along the lines of “SAML SSO Enabled”:

NOTE: Users must log in to their account via app.onramp.us. Logging in through Okta directly (IdP initiated login) is not supported.

Congrats, SSO is now enabled in OnRamp. Please add any users you wish to use this connection to your application in Okta and to OnRamp itself.

Okta SSO

OnRamp Academy 🎓

Find answers and get help from Intercom Support and Community Experts

This site employs cookies and other technologies that we and our third party vendors use to monitor and record personal information about you and your interactions with the site (including content viewed, cursor movements, screen recordings, and chat contents) for the purposes described in our Cookie Policy. By continuing to visit our site, you agree to our {websiteTermsLink}, {privacyPolicyLink} and {cookiePolicyLink}.

This site uses cookies and similar technologies ("cookies") as strictly necessary for site operation. We and our partners also would like to set additional cookies to enable site performance analytics, functionality, advertising and social media features. See our {cookiePolicyLink} for details. You can change your cookie preferences in our Cookie Settings.

We use cookies to make our site work and also for analytics and advertising purposes. You can enable or disable optional cookies as desired. See our {cookiePolicyLink} for more details.

Advertising cookies are set by our advertising partners to collect information about your use of the site, our communications, and other online services over time and with different browsers and devices. They use this information to show you ads online that they think will interest you and measure the ads' performance. Social media cookies are set by social media platforms to enable you to share content on those platforms, and are capable of tracking information about your activity across other online services for use as described in their privacy policies.

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

These cookies are necessary for the website to function and cannot be switched off in our systems.

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

You have the right to opt out of the sale of your personal information. See our {cookiePolicyLink} for more details about how we use your data.

Your Privacy Choices

We use cookies to enhance your experience. You can customize your cookie preferences below. See our {cookiePolicyLink} for more details.

Cookie Settings

Link, Press control-option-right-arrow to exit

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.