Streamlit Single Sign-on homepage

Okta SAML is just one of the authenticators supported by Streamlit for Teams. We have already released documentation for Microsoft ADFS, Azure AD, and generic SAML.

Enabling Single Sign-On via Okta allows members of your organization to securely sign in to Streamlit using the same email address and password they already use for Okta.

  • Your developers can use Okta to log into Streamlit and access their app dashboard.
  • Your developers can also give access to app viewers through their Okta logins.
  • Viewers added to a private app can use Okta to authenticate their identity.
  • These viewers must be added to the app's viewer list by their Okta-associated email address.

There are three steps your team will need to complete to create an Okta SSO connection:

  1. Please complete this form.

    To complete steps 2 and 3, you will need an ACS URL and Identity Provider URI (Entity ID), which Streamlit will provide by emailing you a private Google Drive link. Please complete this form to provide us with your email address and some basic information about your organization.

  2. Provide Streamlit with a Token Signature (X.509 Certificate).



The Token Signature is a certificate used to securely sign tokens issued by Okta.

  1. Provide Streamlit with an Identity Provider SSO URL.



The IdP SSO URL provides Streamlit with a login endpoint to redirect your organization's users from our login page to your Okta login page.

Was this page helpful?

editSuggest edits

Still have questions?

Our forums are full of helpful information and Streamlit experts.