.png){kind=logo}
Single Sign-On
The Okta/Toggl Plan SAML integration currently supports the following features:
○ SP-initiated SSO
For more information on the listed features, visit the Okta Glossary.
Configuration Steps
- Log in to Toggl Plan
- Go to Settings → Single Sign On, or directly to https://plan.toggl.com/#settings/sso
- In Okta, select the "Sign On" tab for the Toggl Plan app and click "View Setup Instructions" OR right-click "Identity Provider Metadata" and save to a file named metadata.xml
If you downloaded the XML file, drag-and-drop it to Toggl Plan's "Identity Provider Setup" fields and jump to step 9 "Click Enable SSO". 
Copy "Identity Provider Single Sign-On URL" from Okta:
In Toggl Plan, paste this URL to "SSO URL" field:
Do the same with field number 2, "Identity Provider Issuer":
- In Toggl Plan, paste this to "Identity Provider Issuer" field:
- In Setup Instructions for Okta/Toggl Plan either copy the X.509 certificate or download it to your device:
- In Toggl Plan, paste the copied text to "X.509" field or drag-and-drop the downloaded certificate file:
- Click "Enable SSO"
- Done!
- Single Sign On can only be configured for the domain used in Workspace Owner's email address
- Single Sign On is only available for workspaces on Business plan
If you downloaded the XML file, drag-and-drop it to Toggl Plan's "Identity Provider Setup" fields and jump to step 9 "Click Enable SSO". 
Copy "Identity Provider Single Sign-On URL" from Okta:
In Toggl Plan, paste this URL to "SSO URL" field:
Do the same with field number 2, "Identity Provider Issuer":
