This article explains how to configure SAML Single Sign-On (SSO) for Aircall using Okta. It outlines the setup process, required components, and key best practices for secure and efficient authentication.

Important: The instructions in this article apply only to companies that have had SAML Single Sign-On activated by Aircall.
To request activation, please contact our Customer Success team. Currently, this functionality is available to a limited number of customers.

Feature overview

FeatureDescription
What it doesEnables Single Sign-On (SSO) for Aircall users through Okta, allowing secure and streamlined access.
Who can use itAvailable to Aircall customers who have had SAML Single Sign-On activated by Aircall.
Where to access itOkta Admin Console and Aircall Admin Dashboard.
Note: After configuration, users must log in via dashboard.aircall.io/login/sso or use the Login with SSO button in the Aircall app.
Accessing Aircall through the Okta dashboard tile is not supported.

1. Create a SAML app integration in Okta

Steps: 

  1. Log in to your Okta Admin Console (https://company.okta.com/admin/dashboard).
  2. Navigate to Applications > Applications.
  3. Click Create App Integration.
  4. In the modal, select SAML 2.0 as the sign-in method.
  5. Click Next.

2. Configure SAML integration for your Okta app

Steps: 

  1. On the Create SAML Integration page, under General Settings, enter an app name (for example, acme-saml@company).
  2. (Optional) Upload a logo and set visibility preferences, then click Next.
  3. Under the General section, enter:
    • Single sign-on URL: https://sso.aircall.io/saml2/idpresponse
    • Audience URI (SP Entity ID): urn:amazon:cognito:sp:us-west-2_hZkGBmIsz
  4. Under Attribute Statements, add:
    • Name: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
    • Name format: Leave unspecified
    • Value: user.email
  5. Click Next, accept the default values, and then click Finish.

3. Assign users to the Okta app

Steps: 

  1. In the newly created Okta application, open the Assignments tab.
  2. Click Assign to add the users or groups who should have SSO access to Aircall.

4. Export the Identity Provider (IdP) metadata

Steps: 

  1. In the Okta application, navigate to the Sign On tab.
  2. Under SAML Signing Certificates, locate the active certificate.
  3. Click Actions > View IdP metadata.
  4. In the new browser tab, either:
    • Copy the URL of the metadata, or
    • Download the XML file.

You will need this metadata to complete the SAML setup in Aircall.

Tip: Keep your IdP metadata URL or XML file secure and easily accessible. It may be required later for troubleshooting or reconfiguration.

Best practices

  • Pre-activation: Contact our Customer Success team to confirm SAML Single Sign-On is activated for your company before starting configuration.
  • Login method: Always log in through dashboard.aircall.io/login/sso or use the Login with SSO button in the Aircall app.
  • Metadata management: Store your IdP metadata URL or XML file securely for future reference.

FAQs

Can I use the Okta dashboard tile to access Aircall?
No, accessing Aircall through the Okta dashboard tile is not supported. Users should log in via dashboard.aircall.io/login/sso or the Login with SSO button in the Aircall app.

Is SAML Single Sign-On available to all Aircall customers?
Currently, SAML Single Sign-On is available only to a limited number of customers. To request activation, please contact our Customer Success team.

What information is required from Okta to complete the setup in Aircall?
You will need the Identity Provider (IdP) metadata, which can be copied as a URL or downloaded as an XML file from the Sign On tab of your Okta application.