Skip to main content
Druva Documentation

How to Configure Phoenix-GovCloud SSO using Okta as IdP?

  • Only a Druva Cloud administrator can set up Single Sign-on. 
  • Configure Single Sign-on based on the applicable scenarios:
    • New Druva customers that is; Phoenix customers on-boarded after 02 July 2018 must refer to the instructions given in the article: Set up single sign-on on the Druva Cloud Platform Console
    • Existing Phoenix customers who have already configured Single Sign-on must continue to use the existing settings as described in this article.

Configure the app for Phoenix GovCloud in Okta

  1. Login to the Okta console using the configured URL. (The URL format resembles
  2. Click Admin and on the admin screen click Add Application > Create New App. The Create a New Application Integration window is displayed.
  3. Select the SAML 2.0 option and click Create.
  4. On the General Settings tab, enter the name of the new app against App name. For example, you can enter Druva Phoenix-GovCloud.
  5. Optionally, you can also upload a logo.
  6. Click Next.
  7. Enter following on Configure SAML tab:
    Single sign-on URL:
    Audience URI (SP Entity ID): druva-govphoenix
    Default Relay State: Admin
    Name ID format: Select email address  from the drop-down
    Application username: Select Email from  the drop-down
  8. Enter the following values under Attribute Statement:
    Name: phoenix_auth_token
    Value: Copy the token from Phoenix-GovCloud Admin Console and paste it here. Refer article Generate SSO token.
  9. Click Next.
  10. When asked Are you a customer or partner?, select I'm a software vendor. I'd like to integrate my app with Okta and click Finish.
  11. Click View Setup Instructions on the next screen. A new page is displayed.
  12. From the new page, copy the values for Identity Provider Single Sign-On URL and X.509 Certificate to a notepad for later use and close the page.
  13. Click the Assignments tab in the SSO application created earlier and assign the People/Groups as required.

Configure settings in Phoenix-GovCloud to use Okta as IdP

  1. Login to Phoenix GovCloud ( 
  2. Click Settings > Single Sign-On tab.
  3. Click Edit on the Single sign-on configuration page.
  4. Enter the values copied to the notepad from Okta page as shown below:
  5. From the values copied from Okta to the notepad earlier, enter the values as follows:
    Identity Provider Single Sign-On URL: ID Provider Login URL
    X.509 Certificate: ID Provider Certificate

  6. Click Save and click Edit under Single sign-on settings.
  7. Enable Single sign-on for Admins
  8. If this is a first-time configuration, Druva recommends you to enable Allow Failsafe access to cloud admins.
  9. Click Save .
    When you login to Phoenix GovCloud Management Console next time, directly enter your administrator's email ID without the password. The page must redirect to the Okta page. After a successful authentication from Okta, you will get admin access to the Phoenix GovCloud Management Console.