Log-in Methods

Your log-in method is configured at the time of your Datalogz license activation.

We support the following login methods:

Google Authentication

Log in with your Google account using any Google-supported email address.

Microsoft Authentication

Log in with your Microsoft account, provided you're using a Microsoft-supported email address and your organization has approved Datalogz as a third party tool.

If you are unable to log in to our application using your Microsoft Entra ID account, you may be blocked by your organization's policy. To solve this, your administrator will need to manually grant consent by via the following URL: https://login.microsoftonline.com/YOUR_TENANT_ID/adminconsent?client_id=YOUR_DATALOGZ_CLIENT_ID

This URL requires your organization's Tenant ID and the Datalogz' Client ID (which you can obtain from your Customer Success Manager). Once your administrator approves via this link, your access should be enabled.

Okta SAML Authentication

Use this guide to connect your Okta tenant to Datalogz via SAML SSO.

Who should do this

  • Your Okta admin or someone with permissions to create and configure SAML apps.

Prerequisites

  • Your Datalogz account name (e.g., “Acme”)

  • Your Datalogz base URL

  • Datalogz team will confirm the ACS URL pattern and entity ID with you during onboarding

What you’ll configure in Okta

  • A new SAML 2.0 application

  • ACS (Assertion Consumer Service) URL: your Datalogz SAML callback

  • Entity ID: provided by Datalogz

  • Attribute statements: email, firstName, lastName

Step 1: Create a SAML 2.0 app in Okta

  1. In Okta Admin Console, go to Applications → Applications → Create App Integration.

  2. Choose SAML 2.0 → Next.

  3. App name: “Datalogz (SAML)” (any name is fine) → Next.

Step 2: Configure SAML settings

  • Single sign-on URL (ACS):

    • Use the callback URL shared by Datalogz (pattern: https://app.datalogz.io/api/v0/saml/redirect/{ACCOUNT_NAME})

  • Audience URI (Entity ID):

    • Use the value provided by Datalogz (example: datalogz_okta_saml)

  • Name ID format: EmailAddress

  • Application username: Email

Step 3: Add attribute statements

Add the following attribute statements (Name → Value):

  • email → user.email

  • firstName → user.firstName (or user.firstName/user.givenName depending on your Okta profile)

  • lastName → user.lastName (or user.lastName/user.familyName)

These names must match exactly: email, firstName, lastName.

Step 4: Save and assign access

  1. Save the app.

  2. Assign people/groups who should have access to Datalogz.

Step 5: Share SAML metadata with Datalogz

From the app’s SSO configuration page:

  • Copy the Metadata URL (IdP metadata) OR download the Metadata XML file.

  • Provide the following to Datalogz (or enter in the setup screen):

    • entity_id: the Audience URI (Entity ID) you configured

    • metadata_url: the Okta IdP metadata URL for the app

    • idp: your Datalogz account name (e.g., “Acme”)

Note: If you’re completing this during initial onboarding, Datalogz can capture these via the license setup flow.

Step 6: Test SSO

  • SP-initiated (recommended): Go to the Datalogz login page, enter your email, and you should be redirected to Okta.

Troubleshooting

  • “SAML SSO is not configured for this account”

    • The account name used in the ACS path or SSO link doesn’t match what’s configured; confirm your {ACCOUNT_NAME} and metadata are set for the same account.

  • Redirect loop or error after Okta login

    • Ensure the ACS URL matches exactly and is reachable from your network.

    • Verify the Entity ID in Okta matches the value provided by Datalogz.

  • User can’t log in after Okta success

    • Confirm attribute statements exist and are spelled exactly: email, firstName, lastName.

    • Make sure the user is assigned to the Okta app.

  • Metadata issues

    • If using a metadata URL, ensure it is publicly accessible and returns HTTP 200.

Security notes

  • Datalogz validates SAML assertions and requires signed assertions.

  • Use strong certificate management in Okta and rotate certificates per your policy.

What to send to Datalogz (recap)

  • Your unique account name (e.g., “Acme”)

  • Metadata URL

  • Confirmation that attributes email/firstName/lastName are mapped

Last updated