Service Provider (SP) Initiated SAML Authentication Flow
SqlDBM offers Service Provider (SP) Initiated SAML Authentication for a variety of Identity Providers (IdPs). The diagram below illustrates the request workflow.
SSO Setup Steps
Step 1 β Contact SqlDBM Support
Before configuring anything in Okta, reach out to SqlDBM to get your Company Identifier. This value is going to be needed in Step 3.2
Open a support ticket with SqlDBM and request SSO setup.
- Navigate to https://support.sqldbm.com/hc/en-us/requests/new (log in if not already, before continuing)
- Select Account SSO: Enablement Request from the request type dropdown
- Fill out the following fields:
- Subject: Enable SSO
- IdP Admin Email: Provide the primary IdP Admin's email address
- Description: Requesting Company Identifier to enable SSO
- Submit the form
π‘ Your company identifier is a unique name SqlDBM assigns to your organization. It will appear in your login URL.
Step 2 β Create a New App in Okta
Log in to your Okta Admin Console, then:
-
Add SqlDBM Application in OKTA
In the OKTA admin console, navigate to the βApplicationsβ tab
Click βCreate App Integrationβ and search for "SAML 2.0"
-
Step 3 β Fill in the SAML Settings
-
Add the Application
-
Provide a meaningful App name
-
-
Configure the following
-
Basic SAML Configuration
Single sign-on URL:
https://idp.sqldbm.com/saml/metadata/<company identifier>/AcsSP Entity ID:
https://idp.sqldbm.comName ID format: EmailAddress
-
Application username: Okta username
-
User Attributes & Claims:
-
In the Attribute Statements section, configure:
Name β
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddressExpression β
user.profile.email
-
-
Step 4 β Send the Metadata URL to SqlDBM
Once your Okta app is saved, Okta will generate a SAML Metadata URL.
- Copy that URL and reply to your SqlDBM support ticket with it.
- SqlDBM will validate your setup, enable SSO, and confirm everything is working.
π‘ This tells Okta to send the user's email address to SqlDBM so accounts can be matched correctly.
After SSO Is Enabled
New Users
- Accept the invite email from SqlDBM.
- Enter your email address.
- Verify with the one-time code sent to your inbox.
- Your account is linked and ready to go.
Existing Users
- Log in via the SSO button in Okta or by naigating to https://idp.sqldbm.com/sign-in/external/private
- On your first SSO login, verify your email with a one-time code.
- After that, just click and you're in.
Log in using SSO by selecting the appropriate IdP from the options provided, or proceed directly to the SQLDBM private SSO sign-in page
Quick Summary
- You open a ticket β get your company ID β configure Okta β send metadata URL back to SqlDBM.
- SqlDBM handles the final activation once they receive your metadata URL.
- Login uses your work email via SAML 2.0 β no extra passwords needed.