Articles in this section

See more

SSO Help center article

  • Updated

Set up OKTA Single Sign-On (SSO) for WaiverForever

This guide explains how to configure OKTA Single Sign-On (SSO) for your WaiverForever account. Once enabled, your team members can securely log in using their OKTA credentials.

Prerequisites

  • OKTA administrator access
  • WaiverForever Scale plan with SSO enabled
  • Owner or Administrator role in WaiverForever

Part 1: Configure the OKTA Application

Step 1: Create a New App Integration

  1. Log in to the OKTA Admin Console
  2. Go to Applications → Applications
  3. Click Create App Integration
image (9).png

 

Step 2: Select the Application Type

  1. Choose OIDC – OpenID Connect
  2. Select SPA (Single Page Application)
  3. Click Next
image (10).png

 

Step 3: Configure Application Settings

General Settings

  • App integration name: WaiverForever
  • Logo: Optional

Grant Type with: Authorization Code + Implicit (Hybrid)

  • Authorization Code (recommended)

Sign-in Redirect URIs

https://app.waiverforever.com/page/signin-callback

Assignments

  • Choose Allow everyone in your organization 
    or assign specific users / groups as needed
    image (11).png

 

Step 4: Save and Record Configuration

After saving the application, note the following values (required in Part 2):
  • Client ID (from Client Credentials)
  • OKTA Domain, for example:
  • https://your-company.okta.com

Part 2: Configure SSO in WaiverForever

  1. Log in to WaiverForever as an Owner or Administrator
  2. Go to Account Settings → General
  3. Scroll to Single Sign-On (SSO)
  4. Enter:
    1. Identity Provider: OKTA
    2. OKTA Domain
    3. Client ID
  5. Enable SSO and save changes
    5.png

 

Troubleshooting

❌ “IdP not found”

Possible causes
  • Organization name mismatch
  • SSO is disabled
  • SSO configuration was removed
How to fix
  1. Verify the Organization Name in WaiverForever
  2. Ensure SSO is Enabled
  3. Confirm the SSO login URL matches exactly

❌ “Identity Provider URL not found”

Possible causes
  • Incorrect OKTA domain
  • -admin suffix included
How to fix
  • Use:
  • https://your-company.okta.com
  • Do NOT use:
  • https://your-company-admin.okta.com

❌ “Missing email in IdP response”

Possible causes
  • Email claim not included in OKTA token
How to fix
  1. In OKTA, open the WaiverForever app
  2. Go to Sign On → ID Token
  3. Ensure email is included in token claims
  4. Save and test again

❌ User cannot see the OKTA login page

Possible causes
  • User not assigned to the app
How to fix
  1. Go to Applications → WaiverForever
  2. Open Assignments
  3. Assign the user or their group

❌ Redirect URI mismatch

How to fix
  1. Confirm the redirect URI in OKTA matches exactly:
  2. https://app.waiverforever.com/page/signin-callback
  3. Save and retry login

Related articles