💡Note: This feature applies to enterprise and team users who already have an Okta account. It enables users to use an internal account to log in to Feishu without signing up, improving enterprise users’ account interconnectivity and Feishu login efficiency.
This feature is under grey testing. Super administrators can to enable this feature. Once this feature is enabled, super administrators needs to complete the SSO login configuration for team users to use this feature.
The email address in Feishu contacts and that of the Okta account must be consistent for the Feishu SSO login feature to be enabled successfully. Otherwise, please make them consistent before enabling this feature.
The administrator in Feishu Admin must complete the Okta configuration before configuring SSO login. Note: Only super administrators have the permission for the following actions:
Click Admin in the upper-right corner.
Log in to Okta and choose Applications - Applications.
Click Add Application in the upper-left corner.
Click Create New App in the upper-right corner.
Select Web and SAML 2.0 in the pop-up window.
Name the application in the pop-up window. You can name it Feishu. Then click Next.
Enter the following link on the second page:
Scroll down and click Add Another to add and edit attributes. Make sure you add the user.email column.
Scroll down and click Next.
On the third page, make the selections as shown in the figure, and then click Finish.
On the Applications page, go to the Assignments tab, and click Assign. Add the members you want to add to use this application.
On the Sign On tab, click View Setup Instructions to view the configuration information.
The information of the following three parameters will be used in Feishu Admin.
Note: The third parameter does not include BEGIN CERTIFICATE and END CERTIFICATE. Please copy the body text part in the middle.
- 2.Customize an enterprise domain name
Once you complete the Okta configuration, the administrator can then log in to Feishu Admin (feishu.cn/admin). If you need to set a domain name for your enterprise to facilitate employees’ login and use, go to Enterprise Settings -Enterprise Info - Modify to do so.
- 3.Configure SSO account login
You can go to Enterprise Settings - SSO Account Login to configure SSO account login.
Enter the information of the three parameters you obtained in the Okta account as shown in the figure (). Then click Save above configuration.
Click Enable Okta account login.
Congratulations! You’ve completed the SSO configuration and now you can log in to Feishu to try out the SSO login feature.
- 4.Login (applicable to all members in a team or enterprise)
You can log in on either Desktop or Mobile app. Download the latest version of Feishu and click SSO login.
Enter the enterprise domain name you’ve configured above.
Log in to Okta. The account name and password are the email address and the password in Okta, respectively.
👏 Configurations! Now you know how to configure SSO login. Apply it now.
💕 If you have any other questions, please search for Feishu Assistant or click your profile photo - Help and Customer Service - Online Customer Service for help. Feishu is always by your side.