[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"sanity-ash3xpSltHdy02NAfjz97wu4efqNml-FveiR6HlfKtY":3,"sanity-KLXwuGj1HJPe8B2dBAhkxenwz88UkNB_eHBnXDoO4es":236},{"data":4,"sourceMap":-1},{"latestPodcast":5,"latestReleases":14,"post":39,"recent":211},[6],{"_id":7,"publishedAt":8,"slug":9,"sponsored":12,"title":13},"f83eb5f0-1237-487f-84d8-f7abf2318c39","2026-06-25T07:40:00.000Z",{"_type":10,"current":11},"slug","code-isnt-causing-your-production-failures",null,"Code isn’t the only thing causing your production failures",[15,21,27,33],{"_id":16,"publishedAt":17,"slug":18,"title":20},"eb5b66eb-9410-4329-83bb-22bbff39402a","2026-04-28T13:00:00.000Z",{"_type":10,"current":19},"turn-scattered-knowledge-into-trusted-intelligence","Turning scattered knowledge into trusted intelligence: Stack Internal 2026.3",{"_id":22,"publishedAt":23,"slug":24,"title":26},"369c2401-b62e-4a37-8ff8-bf603023ecad","2026-03-02T15:03:00.988Z",{"_type":10,"current":25},"what-s-new-at-stack-overflow-march-2026","What’s new at Stack Overflow: March 2026",{"_id":28,"publishedAt":29,"slug":30,"title":32},"5e9053a4-07ea-447c-91ea-29e0b6228537","2026-02-02T15:00:00.000Z",{"_type":10,"current":31},"what-s-new-at-stack-overflow-february-2026","What’s new at Stack Overflow: February 2026",{"_id":34,"publishedAt":35,"slug":36,"title":38},"a1b538eb-a8a6-46d0-80a1-ac70ec9bb935","2026-01-05T10:00:00.000-05:00",{"_type":10,"current":37},"what-s-new-at-stack-overflow-january-2026","What’s new at Stack Overflow: January 2026",{"_createdAt":40,"_id":41,"_rev":42,"_type":43,"_updatedAt":44,"author":45,"body":61,"comments":155,"dateUrl":156,"excerpt":157,"image":158,"legacyBody":161,"product":12,"publishedAt":164,"slug":165,"sponsored":12,"tags":167,"title":210,"visible":155},"2023-05-25T09:39:11Z","wp-post-11275","dgl3SCUzppW3U2LvCoSTGG","blogPost","2023-07-13T14:55:19Z",[46],{"_createdAt":47,"_id":48,"_rev":49,"_type":50,"_updatedAt":51,"avatar":52,"employee":57,"name":58,"slug":59},"2023-05-23T16:27:18Z","wp-author-221","dgl3SCUzppW3U2LvCoP35A","blogAuthor","2023-06-20T15:05:08Z",{"_type":53,"asset":54},"image",{"_ref":55,"_type":56},"image-7c598bd7248ab66db6ed910ab3e536e49a76413b-1024x1024-jpg","reference","current","Roberta Arcoverde",{"current":60},"rarcoverde",[62,73,82,90,98,106,116,124],{"_key":63,"_type":64,"children":65,"markDefs":71,"style":72},"1dd465df3732","block",[66],{"_key":67,"_type":68,"marks":69,"text":70},"1dd465df37320","span",[],"Hi, I’m Roberta Arcoverde, a Principal Software Developer at Stack Overflow. A few months ago I was tasked with figuring out how to enable single sign-on for Stack Overflow for Teams. We felt it was important to add SSO to the private version of Stack Overflow so the admins of our Teams could easily and securely add users to our knowledge management tool. With SSO, admins no longer have to send out individual invites to team members or spend time removing team members who might have left the company. With a centralized source for credentials, Team admins get more time back in their day.\n\nNow, while this change was aimed at our private product, there was a large challenge that had a big impact on the scope of work. To enable SSO for Teams, we also had to rewrite a large portion of how we authenticate users on our public Stack Overflow site. SSO requires an additional level of security, and as a result, we had to carry out one of the largest updates to the authentication code since Stack Overflow has been around.\n\nThe first problem we had to solve was how to create unique Stack Overflow credentials from requests coming from external identity providers. Additionally, we had to build from scratch a completely new level of security for managing user sessions. SSO sessions are temporary, and Team admins can determine how long they should last. Upon expiring, users are asked to re-authenticate with their SSO credentials to access their Teams. We have no such demand on the public Stack Overflow, so that entire mechanism had to be built and integrated to the existing code that manages account sessions and credentials.\n\nIt took a team of 3 engineers working for 3 months to make it happen, but now that it’s done, it’s been gratifying to see that this is a really desirable feature within Stack Overflow Business and Stack Overflow Enterprise. More than 40% of Stack Overflow Business use SSO and 100% of our Enterprise customers rely on it. We are now involved in ongoing work to strengthen and improve integrations with various SSO providers, like Okta, and you can read more details of how that will work below.\n\n",[],"normal",{"_key":74,"_type":64,"children":75,"markDefs":80,"style":81},"e287b3115a3d",[76],{"_key":77,"_type":68,"marks":78,"text":79},"e287b3115a3d0",[],"Benefits of single sign-on",[],"h2",{"_key":83,"_type":64,"children":84,"markDefs":89,"style":72},"2f6e81f5e799",[85],{"_key":86,"_type":68,"marks":87,"text":88},"2f6e81f5e7990",[],"If you’re not familiar, single sign-on (SSO) has become an industry standard, helping to provide quick and secure access to multiple, yet independent, applications with one set of credentials.\n\nWe prioritized the development of SSO after several notable conversations with our customers, and added this must-have feature for the premium tiers of Stack Overflow for Teams, both Business and Enterprise.\n\nBecause of the wide-spread use of SAML 2.0, we support it as an authentication protocol for SSO, and any identity provider that supports SAML, such as Google Apps, Azure AD, OneLogin, and Okta, can be used for accessing Stack Overflow Business and Enterprise.\n\n",[],{"_key":91,"_type":64,"children":92,"markDefs":97,"style":81},"14f4b1aee9e3",[93],{"_key":94,"_type":68,"marks":95,"text":96},"14f4b1aee9e30",[],"Integration with Okta",[],{"_key":99,"_type":64,"children":100,"markDefs":105,"style":72},"15decce5fe38",[101],{"_key":102,"_type":68,"marks":103,"text":104},"15decce5fe380",[],"Okta is a leader in Identity-as-a-Software, and with the launch of SSO, we knew it was a must to configure SSO for our private instance of Stack Overflow to work seamlessly with Okta.\n\nWe had a handful of Alpha customers that our dev team worked closely with — this was extremely helpful. We Wanted to make sure to the integration worked just as expected, and by video chatting with customers, sharing our screens and our documentation we got the information from our Alpha customers in no time.\n\nAnd the key findings from our Alpha customers? Most of our Alpha customers prefer to log in to Okta first instead of Stack Overflow’s private Q&A instance. Information on the workflow helped to inform how to build the integration.\n\nThe integration works in two ways:\n\n",[],{"_key":107,"_type":64,"children":108,"level":113,"listItem":114,"markDefs":115,"style":72},"8d51236132b3",[109],{"_key":110,"_type":68,"marks":111,"text":112},"8d51236132b30",[],"When a user visits their Stack Overflow for Teams account (Business or Enterprise), they can enter their Okta credentials for authentication.\n",1,"number",[],{"_key":117,"_type":64,"children":118,"level":113,"listItem":114,"markDefs":123,"style":72},"d5cfbce7b126",[119],{"_key":120,"_type":68,"marks":121,"text":122},"d5cfbce7b1260",[],"Stack Overflow Business and Enterprise are accessible from Okta. Users can login to their Okta account and have direct access to Business or Enterprise using one set of credentials.\n",[],{"_key":125,"_type":64,"children":126,"markDefs":149,"style":72},"0a0e5ff06a69",[127,131,136,140,145],{"_key":128,"_type":68,"marks":129,"text":130},"0a0e5ff06a690",[],"A special thanks to all the Alpha customers who helped us improve our ",{"_key":132,"_type":68,"marks":133,"text":135},"0a0e5ff06a691",[134],"d8da6c606ac1","documentation",{"_key":137,"_type":68,"marks":138,"text":139},"0a0e5ff06a692",[]," about configuring SSO with Okta.\n\nIf you want to learn more about Stack Overflow for Teams and how it can help your organization speed up onboarding and improve knowledge sharing, check out our offerings ",{"_key":141,"_type":68,"marks":142,"text":144},"0a0e5ff06a693",[143],"2c9ff6ad0742","here",{"_key":146,"_type":68,"marks":147,"text":148},"0a0e5ff06a694",[],".",[150,153],{"_key":134,"_type":151,"href":152,"reference":12},"link","https://www.stackoverflow.help/support/solutions/articles/36000132325-configuring-single-sign-on-with-okta",{"_key":143,"_type":151,"href":154,"reference":12},"https://stackoverflow.com/teams",true,"2019/07/11","",{"_type":53,"asset":159},{"_ref":160,"_type":56},"image-0c24125ebe5b2d2d6cf08855bb255878f5ced30f-1024x683-jpg",{"code":162,"language":163},"\u003C!-- wp:paragraph -->\nHi, I’m Roberta Arcoverde, a Principal Software Developer at Stack Overflow. A few months ago I was tasked with figuring out how to enable single sign-on for Stack Overflow for Teams. We felt it was important to add SSO to the private version of Stack Overflow so the admins of our Teams could easily and securely add users to our knowledge management tool. With SSO, admins no longer have to send out individual invites to team members or spend time removing team members who might have left the company. With a centralized source for credentials, Team admins get more time back in their day. \n\u003Cbr>\n\u003C!-- /wp:paragraph -->\n\n\u003C!-- wp:html -->\n\u003Cbr>\n\u003C!-- /wp:html -->\n\n\u003C!-- wp:paragraph -->\nNow, while this change was aimed at our private product, there was a large challenge that had a big impact on the scope of work. To enable SSO for Teams, we also had to rewrite a large portion of how we authenticate users on our public Stack Overflow site. SSO requires an additional level of security, and as a result, we had to carry out one of the largest updates to the authentication code since Stack Overflow has been around. \n\u003Cbr>\n\u003C!-- /wp:paragraph -->\n\n\u003C!-- wp:html -->\n\u003Cbr>\n\u003C!-- /wp:html -->\n\n\u003C!-- wp:paragraph -->\nThe first problem we had to solve was how to create unique Stack Overflow credentials from requests coming from external identity providers. Additionally, we had to build from scratch a completely new level of security for managing user sessions. SSO sessions are temporary, and Team admins can determine how long they should last. Upon expiring, users are asked to re-authenticate with their SSO credentials to access their Teams. We have no such demand on the public Stack Overflow, so that entire mechanism had to be built and integrated to the existing code that manages account sessions and credentials.  \u003Cbr>\n\u003C!-- /wp:paragraph -->\n\n\u003C!-- wp:html -->\n\u003Cbr>\n\u003C!-- /wp:html -->\n\n\u003C!-- wp:paragraph -->\nIt took a team of 3 engineers working for 3 months to make it happen, but now that it’s done, it’s been gratifying to see that this is a really desirable feature within Stack Overflow Business and Stack Overflow Enterprise. More than 40% of Stack Overflow Business use SSO and 100% of our Enterprise customers rely on it.  We are now involved in ongoing work to strengthen and improve integrations with various SSO providers, like Okta, and you can read more details of how that will work below. \u003Cbr>\n\u003C!-- /wp:paragraph -->\n\n\u003C!-- wp:html -->\n\u003Cbr>\n\u003C!-- /wp:html -->\n\n\u003C!-- wp:heading -->\n\n\u003Ch2>Benefits of single sign-on\u003C/h2>\n\n\u003C!-- /wp:heading -->\n\n\u003C!-- wp:paragraph -->\nIf you’re not familiar, single sign-on (SSO) has become an industry standard, helping to provide quick and secure access to multiple, yet independent, applications with one set of credentials. \u003Cbr>\n\u003C!-- /wp:paragraph -->\n\n\u003C!-- wp:html -->\n\u003Cbr>\n\u003C!-- /wp:html -->\n\n\u003C!-- wp:paragraph -->\nWe prioritized the development of SSO after several notable conversations with our customers, and added this must-have feature for the premium tiers of Stack Overflow for Teams, both Business and Enterprise.\u003Cbr>\n\u003C!-- /wp:paragraph -->\n\n\u003C!-- wp:html -->\n\u003Cbr>\n\u003C!-- /wp:html -->\n\n\u003C!-- wp:paragraph -->\nBecause of the wide-spread use of SAML 2.0, we support it as an authentication protocol for SSO, and any identity provider that supports SAML, such as Google Apps, Azure AD, OneLogin, and Okta, can be used for accessing Stack Overflow Business and Enterprise.\u003Cbr>\n\u003C!-- /wp:paragraph -->\n\n\u003C!-- wp:html -->\n\u003Cbr>\n\u003C!-- /wp:html -->\n\n\u003C!-- wp:heading -->\n\n\u003Ch2>Integration with Okta\u003C/h2>\n\n\u003C!-- /wp:heading -->\n\n\u003C!-- wp:paragraph -->\nOkta is a leader in Identity-as-a-Software, and with the launch of SSO, we knew it was a must to configure SSO for our private instance of Stack Overflow to work seamlessly with Okta. \n\u003Cbr>\n\u003C!-- /wp:paragraph -->\n\n\u003C!-- wp:html -->\n\u003Cbr>\n\u003C!-- /wp:html -->\n\n\u003C!-- wp:paragraph -->\nWe had a handful of Alpha customers that our dev team worked closely with — this was extremely helpful. We Wanted to make sure to the integration worked just as expected, and by video chatting with customers, sharing our screens and our documentation we got the information from our Alpha customers in no time. \n\u003Cbr>\n\u003C!-- /wp:paragraph -->\n\n\u003C!-- wp:html -->\n\u003Cbr>\n\u003C!-- /wp:html -->\n\n\u003C!-- wp:paragraph -->\nAnd the key findings from our Alpha customers? Most of our Alpha customers prefer to log in to Okta first instead of Stack Overflow’s private Q&A instance. Information on the workflow helped to inform how to build the integration. \n\u003Cbr>\n\u003C!-- /wp:paragraph -->\n\n\u003C!-- wp:html -->\n\u003Cbr>\n\u003C!-- /wp:html -->\n\n\u003C!-- wp:paragraph -->\nThe integration works in two ways:\u003Cbr>\n\u003C!-- /wp:paragraph -->\n\n\u003C!-- wp:html -->\n\u003Cbr>\n\u003C!-- /wp:html -->\n\n\u003C!-- wp:list {\"ordered\":true} -->\n\n\u003Col>\u003Cli>When a user visits their Stack Overflow for Teams account (Business or Enterprise), they can enter their Okta credentials for authentication. \u003Cbr>\n\u003C/li>\u003Cli>Stack Overflow Business and Enterprise are accessible from Okta. Users can login to their Okta account and have direct access to Business or Enterprise using one set of credentials. \u003Cbr> \u003C/li>\u003C/ol>\n\n\u003C!-- /wp:list -->\n\n\u003C!-- wp:paragraph -->\nA special thanks to all the Alpha customers who helped us improve our \u003Ca href=\"https://www.stackoverflow.help/support/solutions/articles/36000132325-configuring-single-sign-on-with-okta\">documentation\u003C/a> about configuring SSO with Okta. \u003Cbr>\n\u003C!-- /wp:paragraph -->\n\n\u003C!-- wp:html -->\n\u003Cbr>\n\u003C!-- /wp:html -->\n\n\u003C!-- wp:paragraph -->\nIf you want to learn more about Stack Overflow for Teams and how it can help your organization speed up onboarding and improve knowledge sharing, check out our offerings \u003Ca href=\"https://stackoverflow.com/teams\">here\u003C/a>.\n\u003C!-- /wp:paragraph -->","html","2019-07-11T14:34:57.000Z",{"current":166},"single-sign-on-sso-stack-overflow-okta-integration",[168,176,178,182,186,205],{"_createdAt":169,"_id":170,"_rev":171,"_type":172,"_updatedAt":169,"slug":173,"title":175},"2023-05-23T16:43:21Z","wp-tagcat-engineering","9HpbCsT2tq0xwozQfkc4ih","blogTag",{"current":174},"engineering","Engineering",{"_createdAt":169,"_id":170,"_rev":171,"_type":172,"_updatedAt":169,"slug":177,"title":175},{"current":174},{"_createdAt":169,"_id":179,"_rev":171,"_type":172,"_updatedAt":169,"slug":180,"title":181},"wp-tagcat-security",{"current":181},"security",{"_createdAt":169,"_id":183,"_rev":171,"_type":172,"_updatedAt":169,"slug":184,"title":185},"wp-tagcat-sso",{"current":185},"sso",{"_createdAt":169,"_id":187,"_rev":188,"_system":189,"_type":172,"_updatedAt":192,"description":193,"slug":202,"title":204},"wp-tagcat-stack-overflow-for-teams","FumDKDH8vd8OVFbknOKFJY",{"base":190},{"id":187,"rev":191},"66bNz0mmUxbMe9OZ0bbNam","2025-11-18T18:48:38Z",[194],{"_key":195,"_type":64,"children":196,"markDefs":201,"style":72},"e83c43fa0a26",[197],{"_key":198,"_type":68,"marks":199,"text":200},"a53345e47569",[],"Formerly Stack Overflow for Teams",[],{"current":203},"stack-internal","Stack Internal",{"_createdAt":169,"_id":206,"_rev":171,"_type":172,"_updatedAt":169,"slug":207,"title":209},"wp-tagcat-stackoverflow",{"current":208},"stackoverflow","Stackoverflow","Lessons Learned: Adding Single Sign-On to Stack Overflow for Teams",[212,218,224,230],{"_id":213,"publishedAt":214,"slug":215,"sponsored":12,"title":217},"28e560af-f0aa-4d46-bd90-f435ad604aa7","2026-06-26T14:00:27.102Z",{"_type":10,"current":216},"paging-charity-how-can-engineering-leaders-avoid-becoming-bond-villains","Paging Charity! How can engineering leaders avoid becoming Bond villains?",{"_id":219,"publishedAt":220,"slug":221,"sponsored":12,"title":223},"4b22c2a3-3779-4966-93eb-5230391dbdce","2026-06-23T14:08:58.595Z",{"_type":10,"current":222},"your-ai-shipped-a-backend-that-boots-that-is-the-whole-problem","Your AI shipped a backend that boots. That is the whole problem.",{"_id":225,"publishedAt":226,"slug":227,"sponsored":12,"title":229},"5cf362e1-fe7b-45af-b69c-914731c6a052","2026-06-23T14:00:00.000Z",{"_type":10,"current":228},"the-2026-developer-survey-is-now-open-for-human-developers-only","The 2026 Developer Survey is now open (for human developers only)!",{"_id":231,"publishedAt":232,"slug":233,"sponsored":12,"title":235},"30b995f7-7cb9-4dd8-bf71-d0685940a32b","2026-06-19T14:00:00.000Z",{"_type":10,"current":234},"dispatches-from-o-reilly-from-capabilities-to-responsibilities","Dispatches from O'Reilly: From capabilities to responsibilities",{"data":237,"sourceMap":-1},{"count":238,"lastTimestamp":239},4,"2023-05-25T09:46:41Z"]