Skip to main content
This article describes how to set up SSO with Okta that is fast and secure. The feature includes:
  • Service Provider (SP)-Initiated Authentication (SSO) Flow: The authentication flow occurs when the user logs in to Augment Code.
  • Just-In-Time (JIT) Provisioning: Users are automatically created on their first login. Email and name attributes are provisioned.
  • Universal Logout: When enabled, Okta can terminate user sessions and tokens when risk is detected or when an admin initiates logout.

Just-in-time (JIT) provisioning

With JIT provisioning enabled, users are automatically created in Augment Code when they first sign in via Okta.
  • When a user authenticates via Okta for the first time, a new user account is automatically created with the email and name from Okta.
  • The user is granted access to Augment Code immediately.
Attributes Provisioned:
  • Email address
  • Full name

Prerequisites

  • Okta admin rights to configure the setup.
  • Contact your Augment Code Account team to initiate the SSO onboarding flow.

Configuration steps

  1. Add the Augment Code application in Okta
  2. Express configure SSO
  3. Enable universal logout
  4. Assign users and test

Step 1: Add the Augment Code application in Okta

  1. In your Okta admin panel, go to Applications > Applications > Browse App Catalog.
  2. Search for Augment Code, select and click on Add Integration.
  3. Click Done.

Step 2: Express configure SSO

  1. In the newly created Augment Code application, go to the Sign On tab.
  2. Click Express Configure & Universal UL.
  3. When prompted for Augment Code authentication, enter your admin email, then the email OTP provided by Augment Code.
  4. In the next screen, approve the connection with Augment Code to complete the setup.

Step 3: Enable universal logout

  1. In the Sign On tab of the Augment Code application.
  2. Activate the checkbox Okta system or admin initiates logout.

Step 4: Assign users and test

Once Augment Code has confirmed the setup is complete:
  1. Assign the admin account to the Augment Code application in Okta.
  2. Assign any other users or groups that should have access to Augment Code.
  3. Test the login flow. Open app.augmentcode.com and log in with the admin account.
  4. You should be automatically redirected to your Okta login page.

Universal logout

When Universal Logout is enabled, Okta can terminate user sessions across all applications. The feature ensures that when a user is logged out of Okta, they are also logged out of Augment Code. Universal logout is triggered when:
  • An administrator initiates a logout from the Okta Admin Console.
  • The Okta system detects risk and terminates sessions for security.
Note: app session expires after 10 hours regardless of activity.

Troubleshooting

If you need help, contact your Augment Code Account team.