# Okta Go into your **Okta admin console** (it should look like this: `https://.okta.com/admin/dashboard`) 1. In the sidebar menu, click on **Applications > Applications**

2. Click now on **Create App Integration**

3. Select **SAML 2.0** and click on **Next**

4. Choose an **App name** and click on **Next**

5. Add the **Single sign-on** **URL**: `/api/accounts/saml/0/acs/` (for example with localhost: `https://localhost:8443/api/accounts/saml/0/acs/`) (see screenshot below) 6. Add the **Audience URI (SP Entity ID),** it has to be the same than **SP Entity ID** in CISO Assistant (see screenshot below) 7. Choose **Email** as the **Application username**

8. Add **Attribute Statements** * `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname` for user's first name * `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname` for user's last name

9. Click on **Next** and fill in the **Feedback** page as you wish then click on **Finish**

10. In the **Settings** box inside **SAML 2.0:** * Copy the **Metadata URL** and paste it into the **Metadata URL** field in CISO Assistant * Copy the **Issuer** url and paste it into the **IdP Entity ID** field in CISO Assistant

11. Go to the **Assignments** tab

12. Click on **Assign** and choose whether you want to assign users or specific groups

{% hint style="warning" %} Add a user in your application doesn't automatically create the user on CISO Assistant {% endhint %} You can now[ configure Clario Assistant](https://intuitem.gitbook.io/ciso-assistant/features-focus/sso) with the **3 parameters** you've retrieved. ***