1. Apollo
  2. Settings and Billing
  3. Users

Use Single Sign-On (SSO) on Apollo

Article author
Apollo Team
Updated

Overview

Single sign-on (SSO) is an authentication method that allows you and your team to securely log in to multiple apps and sites using a single set of credentials. If your team uses SSO authentication, you can set up SSO for Apollo. Apollo supports both SP and IdP-initiated SSO through SAML and SCIM integrations.

Apollo supports the following SSO providers:

Check out the following steps to set up SSO, assign users to Apollo, and log in to Apollo with SSO.

 
Admin Only

Only users with both SSO provider and Apollo admin access can set up SSO on Apollo. If you're not an admin for either account, share this article with a team member who has the necessary permissions.

Back to Top

Set Up SSO

 
The SSO Way or No Way

When you enable SSO, you and your team can only log in to Apollo via SSO. If you try to log in using another method, Apollo redirects you to SSO sign-in.

To set up SSO on Apollo, follow the steps for your provider:

 
Claim Closed

Apollo doesn't currently support custom SAML claim or attribute mapping.

Google

To set up SSO via Sign in with Google:

  1. Launch Apollo, and click Settings > Users and teams > Security > Single sign on.
  2. Select Google.
  • Click Save & Enforce SSO.
Save & Enforce SSO button is highlighted

You have set up SSO on Apollo. Your team can now log in to Apollo with SSO.

 
Getting Stuck?

If you run into issues or need help with set up, reach out to your organization's Google Admin or check out Google Support.

Back to Top

Microsoft

To set up SSO with Microsoft:

  1. Launch Apollo, and click Settings > Security > Single sign on.
  2. Select Microsoft.
Microsoft is highlighted on Single sign on identity provider dropdown
  1. Click Save & Enforce SSO.
Save & Enforce SSO button is highlighted

You have set up SSO on Apollo. Your team can now log in to Apollo with SSO.

 
Getting Stuck?

If you run into issues or need help with set up, reach out to your organization's Microsoft Admin or check out Microsoft Support.

Back to Top

Microsoft Entra ID (formerly Azure)

Step 1: Configure SSO

To set up SSO with Microsoft Entra ID:

  1. Launch Apollo, and click Settings > Security > Single sign on.
  2. Select Microsoft Entra ID.
Microsoft Entra ID is selected as the identity provider
  1. Copy the Apollo single sign-on URL and entity ID to a secure location.
Apollo entity ID and SSO URL
  1. Keep the Apollo tab open and log in to Microsoft Entra Admin in a separate tab. Navigate to Identity > Applications > Enterprise applications > All applications.
  2. Click to add an application, and name it Apollo.io.
  3. Under Manage, click Single sign-on and select SAML.
  4. In the set up toolkit, copy the values for login URL and Microsoft Entra ID to a secure location.
  5. Click Edit beside Basic SAML configuration. Paste the entity ID copied from Apollo into the Identifier (Entity ID) field. Paste the single sign on URL copied from Apollo into the Reply URL field.
  6. Next, copy the Entra ID single sign-on URL and identity provider entity ID to a secure location. In the SAML Certificates section, click Download for Certificate (Base64) to download the SAML signing certificate and save it to use later.
  7. Return to Apollo and paste the sign on URL you copied in Entra into the Identity provider single sign-on URL field.
The identity provider single sign on URL field is highlighted
  1. Then, paste the Microsoft Entra ID you copied into the Identity provider entity ID field in Apollo.
The Identity provider entity ID field is highlighted
  1. Paste the text from the signing certificate you downloaded and copied in Entra into the Identity provider certificate field in Apollo.
The Identity provider certificate field is highlighted
  1. When finished, click Save & Enforce SSO.
The Save & Enforce SSO button is highlighted

You have now set up SSO on Apollo. Next, assign users to Apollo in Entra ID.

 
Getting Stuck?

If you run into issues or need help with set up, reach out to your organization's Entra ID Admin or check out Learn Microsoft.

Back to Top

Step 2. Assign Users in Entra ID

 
Streamline User Management

Want to set up SCIM user provisioning to streamline user management between Entra ID and Apollo? Hop into Configure SCIM User Provisioning for the walkthrough.

To assign users to Apollo in Entra:

  1. Open a new browser tab and navigate to the single sign-on URL for Entra.
  2. Click Register and enter the email addresses of the people that should have access to Apollo. Enter a password and confirm. Click Register.
  3. If auto-provisioning is enabled, restart provisioning in Microsoft Entra whenever a user is added, updated, or deleted in Apollo.

To allow users to self-service the application, check out Enable self-service access on Microsoft Entra.

Your team can now log in to Apollo with SSO.

 
Just You, Not the Crew

Apollo supports users but not user groups during SSO logins. If you try to log in with a user group, you'll be left out in the cold!

Back to Top

Okta

Step 1: Configure SSO

To set up SSO with Okta on Apollo:

  1. Launch Apollo, and click Settings > Security > Single sign on.
  2. Select Okta.
Okta is selected as the identity provider
  1. Copy the Apollo single sign-on URL and entity ID to a secure location.
Apollo entity ID and SSO URL
  1. Keep this tab open and log in to Okta in another tab. In Okta, navigate to Applications, then click Browse App Catalog.
  2. Search for and click Apollo.io.
  3. Then click Add Integration.
Add integration button in Okta
    1. Enter Apollo.io for the application label and click Done.
    2. Click Sign On on the Apollo.io app.
    3. Scroll to Advanced Sign-on Settings to find the Apollo entity ID field. Paste the Apollo entity ID that you copied from Apollo earlier.
    4. Scroll to Credentials Details and select Email from the Application username format dropdown. Click Save.
    5. Scroll to Metadata details and copy the text in the Sign on URL and Issuer fields to a secure location.
    6. Next, click Download to get the signing certificate. Copy the full text, including the -BEGIN CERTIFICATE- and -END CERTIFICATE- lines.
Download and copy signing certificate
  1. Return to Apollo and paste the sign on URL you copied in Okta into the Identity provider single sign-on URL field.
Identity provider single sign-on URL field in Apollo
  1. Then, paste the issuer text you copied in Okta into the Identity provider entity ID field in Apollo.
Identity provider entity ID field in Apollo
  1. Paste the text from the signing certificate you downloaded and copied in Okta into the Identity provider certificate field in Apollo.
Identity provider certificate field in Apollo
  1. When finished, click Save & Enforce SSO.
Save and enforce SSO button in Apollo

You have now set up SSO on Apollo. Next, assign users to Apollo in Okta.

 
Getting Stuck?

If you run into issues or need help with set up, reach out to your organization's Okta Admin or check out Okta Support.

Back to Top

Step 2. Assign Users in Okta

 
Streamline User Management

Want to set up SCIM user provisioning to streamline user management between Okta and Apollo? Hop into Configure SCIM User Provisioning for the walkthrough.

To assign users to Apollo in Okta:

  1. Launch Okta and navigate to the Apollo app on the Applications page. Click Assignments.
  2. Click Assign, and then select Assign to People or Assign to Groups.
  3. Click Assign beside the person or group you want to add.
  4. Click Save and Go Back. Repeat the process for every user or group you want to assign access to Apollo.
  5. When finished, click Done.
  6. Click Assignments to display every user that you have assigned to Apollo.

Your team can now log in to Apollo with SSO.

Back to Top

Log in with SSO

Once you've enabled SSO, you and your team must log in to Apollo with SSO.

To log in to Apollo with SSO:

  1. Launch Apollo and click the log in button for your provider.

Apollo sign in page

  1. Enter your email address, and click Log in.

Apollo SSO log in page

  1. If you're not already logged in to your SSO provider, Apollo redirects you to SSO sign-in. Enter your credentials and click Log in.

You have now logged into Apollo via SSO.

 
Admin Login

If you're an SSO admin, when you enter your credentials, your SSO provider will redirect you to your admin account. Navigate to the Apollo app and click it to open Apollo.

Back to Top

Next Steps

Once your SSO setup is in place, here are some practical next steps to keep access and user management tight across your team.

Configure SCIM User Provisioning for SSO You can configure SCIM user provisioning to automatically create, update, and deactivate Apollo users as your identity provider changes, so SSO access stays accurate without extra manual work.
Add, Manage, and Deactivate Users After SSO is live, you can add, manage, and deactivate users to keep your workspace clean and ensure that only the right people can sign in through your identity provider.
Create and Assign Permission Profiles Once your core user list looks good, create and assign permission profiles so each person on your team sees the right data and tools for their role when they land in Apollo.
Configure Advanced Security Protocols on Apollo For an extra security layer around SSO, you can configure advanced security protocols like MFA, IP allowlisting, and login controls to better protect access to your Apollo data.
Admin Settings Overview When you are ready to tune the rest of your environment, explore the full admin settings overview to review security, integrations, and account controls in one place and keep governance tight as your SSO rollout scales.

Back to Top