Check out our new GPU Glossary! Read now
Modal logo
IntroductionCustom container images Defining ImagesPrivate registriesFast pull from registryGPUs and other resources GPU accelerationUsing CUDA on ModalReserving CPU and memoryScaling out Scaling outDicts and queuesJob processingConcurrent inputs on a single container (beta)Dynamic batching (beta)Scheduling and cron jobsDeployment Apps, Stubs, and entrypointsManaging deploymentsInvoking deployed functionsContinuous deploymentSecrets and environment variables SecretsEnvironment variablesWeb endpoints Web endpointsStreaming endpointsWeb endpoint URLsRequest timeoutsWebhook tokens (beta)Networking Tunnels (beta)Proxies (beta)Data sharing and storage Passing local dataVolumesMounting local files and directoriesStoring model weightsDataset ingestionCloud bucket mountsNetwork file systems (superseded)Sandboxes SandboxesRunning commandsNetworking and securityFile accessSnapshotsPerformance Cold start performanceMemory Snapshot (beta)Geographic latencyReliability and robustness Failures and retriesPreemptionTimeoutsTroubleshootingSecurity and privacyIntegrations Using OIDC to authenticate with external servicesConnecting Modal to your Vercel accountConnecting Modal to your Datadog accountConnecting Modal to your OpenTelemetry providerOkta SSOSlack notifications (beta)Other topics File and project structureDeveloping and debuggingModal user account setupWorkspacesEnvironmentsJupyter notebooksAsynchronous API usageGlobal variablesRegion selectionContainer lifecycle hooksParameterized functionsS3 Gateway endpoints

Okta SSO

Prerequisites

  • A Workspace that’s on an Enterprise plan
  • Admin access to the Workspace you want to configure with Okta Single-Sign-On (SSO)
  • Admin privileges for your Okta Organization

Supported features

  • IdP-initiated SSO
  • SP-initiated SSO
  • Just-In-Time account provisioning

For more information on the listed features, visit the Okta Glossary.

Configuration

Read this before you enable “Require SSO”

Enabling “Require SSO” will force all users to sign in via Okta. Ensure that you have admin access to your Modal Workspace through an Okta account before enabling.

Configuration steps

Step 1: Add Modal app to Okta Applications

  1. Sign in to your Okta admin dashboard

  2. Navigate to the Applications tab and click “Browse App Catalog”. Okta browse application

  3. Select “Modal” and click “Done”.

  4. Select the “Sign On” tab and click “Edit”. Okta sign on edit

  5. Fill out Workspace field to configure for your specific Modal workspace. See Step 2 if you’re unsure what this is. Okta add workspace

  1. Navigate to your application on the Okta Admin page.

  2. Copy the Metadata URL from the Okta Admin Console (It’s under the “Sign On” tab). Okta metadata url

  3. Sign in to https://modal.com and visit your Workspace Management page (e.g. https://modal.com/settings/[workspace name]/workspace-management)

  4. Paste the Metadata URL in the input and click “Save Changes”

Step 3: Assign users / groups and test the integration

  1. Navigate back to your Okta application on the Okta Admin dashboard.
  2. Click on the “Assignments” tab and add the appropriate people or groups.

Okta Assign Users

  1. To test the integration, sign in as one of the users you assigned in the previous step.
  2. Click on the Modal application on the Okta Dashboard to initiate Single Sign-On.

Notes

The following SAML attributes are used by the integration:

Name Value
email user.email
firstName user.firstName
lastName user.lastName

SP-initiated SSO

The sign-in process is initiated from https://modal.com/login/sso

  1. Enter your workspace name in the input
  2. Click “continue with SSO” to authenticate with Okta