Shine a light on shadow apps

ConductorOne Docs

Sign up for ConductorOne using Okta

Use the Okta ConductorOne application to set up ConductorOne and enable single-sign-on access for your users.


If you’re an Okta user looking to set up ConductorOne for your organization, you’ve come to the right place. Follow the instructions on this page to set up ConductorOne so your colleagues can SSO in with their existing Okta credentials.

Supported features

The ConductorOne Okta integration allows ConductorOne users to log into the application using Okta as a single sign-on (SSO) provider. The following features are supported:

  • Service Provider (SP)-Initiated Authentication (SSO) Flow - This authentication flow occurs when the user attempts to log into the application from ConductorOne.

  • Identity Provider (IDP)-Initiated Authentication (SSO) Flow - This authentication flow occurs when the user attempts to log into ConductorOne from Okta.

  • Automatic account creation in ConductorOne on initial SSO.

๐Ÿ“‹ Before you begin

A ConductorOne invite code is required for the setup process. If you don’t yet have an invite code, contact

Step 1: Create a ConductorOne instance

  1. Navigate to

  2. In the Domain field, enter the domain you want to use for your ConductorOne instance. This will form the URL at which your users access ConductorOne.

    • For example, if you work at Acme Co., enter acmeco to generate an domain.
  3. In the Display name field, enter the name of your company.

  4. In the Invite code field, paste in the invite code you received from ConductorOne. Note that the code is case-sensitive.

  5. Click Sign up with Okta.

A new page called Setting up Okta to work with ConductorOne opens. Leave this page open, and open a new browser tab to set up the ConductorOne application in Okta. Once the Okta application is set up, you’ll return to this registration page to complete ConductorOne signup.

Step 2: Add the ConductorOne application to Okta

  1. In a new browser tab, navigate to the Okta admin console and click Applications > Applications > Browse App Catalog.

  2. Search for “ConductorOne” and select the ConductorOne app.

  3. On the ConductorOne app page, click Add Integration.

  4. In the Subdomain field, enter the domain you chose for your ConductorOne instance.

  5. Select whether you want to make the ConductorOne application visible to users.

  6. Click Done.

Step 3: Assign the ConductorOne app to an Okta user or group

Assign the ConductorOne app to an Okta user or group so the user or group can access and use the app.

  1. Still in the Okta admin console, click the ConductorOne app’s Assignments tab.

  2. Click Assign and select either Assign to People or Assign to Groups.

  3. Locate the user or group you want to assign the app integration to and click Assign.

  4. Confirm that the data is correct in the Assign ConductorOne to dialog.

  5. Click Save and Go Back.

  6. The Assigned button for the user or group is disabled to indicate the app integration is assigned.

  7. If necessary, repeat steps 2-6 to assign the ConductorOne app to additional users or groups.

  8. Click Done.

New ConductorOne users are automatically granted the Basic User user role. A Super Administrator in ConductorOne can change users’ roles as needed. See User roles for more information.

Step 4: Copy Okta application auth details to ConductorOne

The final step is to add the Client ID and Secret to the Setting up Okta to work with ConductorOne page. To complete this step you’ll move back and forth between your Okta tab and the ConductorOne registration tab.

  1. In Okta, if necessary, click Applications > Applications > ConductorOne to return to the new ConductorOne application’s details screen.

  2. In Okta, copy your Okta domain (such as from the browser’s address bar.

  3. In ConductorOne, paste your Okta domain into the Okta domain field.

  4. In Okta, click the Sign On tab. Copy the ConductorOne app’s client ID by clicking the Copy to clipboard icon.

  5. In ConductorOne, paste the client ID into the Client ID field.

  6. In Okta, copy the ConductorOne app’s client secret by clicking the Copy to clipboard icon.

  7. In ConductorOne, paste the client secret into the Client secret field.

  8. In ConductorOne, click Sign up with Okta.

Okta will now guide you through the SSO sign-in process and redirect you to the ConductorOne dashboard.

What’s next?

In the next step of the setup process, we’ll integrate the apps that hold key information about your company’s employees, such as your human resources app or your identity provider (IdP). ConductorOne uses the data from these directory apps to build a complete and accurate list of your organizations’ employees and create ConductorOne user accounts for them. When you’re ready, move on to Connect your user directory.