Note: While our most popular guides have been translated into Spanish, some guides are only available in English.

Logging in with single sign-on through Okta (Enterprise)

If you're on our Enterprise plan, you can set up single sign-on (SSO) with Okta. This is a great way to manage login access to your Squarespace site and maintain consistent security across your organization.

Follow the steps in this guide to learn how to set up Okta SSO.

This feature is for Enterprise customers only. It's not available for other plan levels.

Supported features

Requirements

The Okta SSO integration is available to customers on our Enterprise plan. To set up the integration, you must be an admin in your Okta organization.

If you're interested in adding Okta SSO to your account, contact us before starting the steps below so we can help you through the process and take action when necessary.

Configuration steps

To set up the Okta SSO integration:

  1. In the Admin view of your Okta organization, click Add Application, search for Squarespace, then click Add.
  2. Enter an Org Name in General Settings. This is used by Squarespace to create a unique sign-on URL to link from your Okta dashboard. The URL will look like https://account.squarespace.com/org/example, with your org name in place of example.
  3. Click Done.
  4. In the Sign On tab, copy the Client ID and Client Secret. Send these values, along with the Org Name and the Okta Issuer URL (https://example.okta.com) to your Squarespace account manager.

We'll use these values to complete your SSO setup.

Assign users

To give users access to the Squarespace SSO, click the Assignments tab, then click Assign. Ensure the User Name field is a valid email.

Assigned users will now be able to log into Squarespace via SSO through the Squarespace app on their Okta dashboards. Keep in mind, accounts won't be created in Squarespace until the initial SSO login.

Protect your site with SSO (optional)

To prevent users from outside your Okta org from logging in to your Squarespace site, you can protect your site with SSO.

To turn on SSO protection for existing sites, contact your Squarespace account manager.

To create new sites with SSO enabled, choose an account in your Okta org to be the site creator, then contact your Squarespace account manager. We'll set it up so new sites created from this account have SSO enabled by default.

Set up SCIM (optional)

With SCIM user provisioning, user accounts in Okta sync with accounts in Squarespace. For example, when your users update their name or email address in Okta, those changes will happen in their Squarespace account too.

To get started, contact us to receive a SCIM API key.

Supported features

  • Create users
  • Update user attributes
  • Deactivate users

Supported SCIM user attributes

  • id (Squarespace user ID)
  • locale
  • firstName
  • lastName
  • displayName
  • active
  • externalId (ID passed to Squarespace from Okta)
  • userName (email address in Squarespace)
  • emails (limited to size 1 - same as userName)

Set up

  1. After receiving your SCIM API key from your account manager, click the Squarespace app in your Okta dashboard, then click the Sign In tab and select Email in the Application username format.

Set_the_username_format_to_Email.png

  1. Click the Provisioning tab, then click Configure API Integration.

Click_Configure_API_Integration.png

  1. Check Enable API integration and enter your SCIM API key from Squarespace.

Enter_the_SCIM_API_key.png

  1. Click Test API Credentials to ensure the integration can connect successfully.
  2. Click Save.
  3. In the To App section under Provisioning, select the actions you want to enable Okta to perform, such as Create UsersUpdate Users, and Deactivate Users, then click Save.

Select_what_actions_Okta_should_be_able_to_perform.png

Troubleshooting

If you run into any issues please contact Squarespace support or your account manager.

Automatic permissions (optional)

On sites protected with SSO, you can use Okta groups to automatically grant users specific Squarespace permissions. Currently, only Admin and Website Editor permissions are supported. To learn more about permissions, visit Squarespace permissions explained.

To do this:

  1. Create Native Okta groups with the names app_squarespace_admin and app_squarespace_editor. Group names must be exact to work.
  2. Add users who should be Admins and Website Editors to each respective group.
  3. The first time a user in one of the groups logs in to your Squarespace site, they will automatically get the designated permissions.

Alternatively, existing contributors with Admin permissions can add contributors manually, as long as the contributors are part of your Okta org and have been assigned the Squarespace SSO.

Notes

SSO login

Contributors can log in with SSO through the Squarespace login screen on a computer. After typing in their email address, an SSO button will replace the password field.

They can also log in through their Okta dashboard, or by bookmarking the URLs specific to your org that match the following formats, replacing example with the org name or built-in site URL:

  • https://account.squarespace.com/org/example
  • https://example.squarespace.com/config (if your site is protected by SSO)

Private sites

If you want your site to be viewable by employees only, set the Site Availability to Private. To learn more, visit Publishing or hiding your site.

Public visitors won't be able to view the site. Users with permissions can click log in to log in with SSO.

Was this article helpful?
0 out of 2 found this helpful
Logging in with single sign-on through Okta (Enterprise)