diff --git a/site/sigmaguides/src/security_sso_okta/_shared_assets/Sigma_Footer.png b/site/sigmaguides/src/security_sso_okta/_shared_assets/Sigma_Footer.png
new file mode 100644
index 00000000..df51d771
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/_shared_assets/Sigma_Footer.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/administration_sso_okta.md b/site/sigmaguides/src/security_sso_okta/administration_sso_okta.md
new file mode 100644
index 00000000..2fd67848
--- /dev/null
+++ b/site/sigmaguides/src/security_sso_okta/administration_sso_okta.md
@@ -0,0 +1,711 @@
+author: pballai
+id: administration_sso_okta
+summary: administration_sso_okta
+categories: security
+environments: web
+status: Published
+feedback link: https://github.com/sigmacomputing/sigmaquickstarts/issues
+tags: default
+lastUpdated: 2023-05-01
+
+# Single Sign-On with Sigma and Okta
+
+
+## Overview
+Duration: 5
+
+We can configure Sigma to use Single Sign-On (SSO) Authentication with any platform that supports SAML (ie Okta, OneLogin and Google SSO). We can also configure Sigma to use custom implementations that uses SAML.
+
+For this QuickStart, we will focus on Okta.
+
+When using Okta SSO, there are several user management options available. These include:
+
+
+
User Provisioning: Okta can automatically provision user accounts in the target applications when the user is added or modified in Okta. This can reduce manual effort and ensure consistency across applications.
+
User Deprovisioning: Okta can automatically deprovision user accounts in the target applications when the user is deleted or deactivated in Okta. This can help ensure that former employees or contractors no longer have access to company data.
+
Group Management: Okta allows administrators to create groups and assign users to those groups. This can simplify application provisioning and deprovisioning by allowing administrators to manage access based on groups instead of individual users.
+
Access Policies: Okta allows administrators to define access policies that govern user access to specific applications or data. These policies can be based on factors such as user location, device, or role.
+
Password Policies: Okta provides password policies that can enforce password complexity rules and expiration policies. This can help ensure that users have strong passwords and reduce the risk of password-related security breaches.
+
User Self-Service: Okta provides a self-service portal that allows users to reset their passwords or update their profile information. This can reduce the burden on IT help desks and improve user satisfaction.
+
+
+While Okta has many options available, we will focus on the foundational features.
+
+ ### Target Audience
+Sigma administrators or security professionals who are interested in learning how to implement Sigma SSO with Okta.
+
+### Prerequisites
+
+
+
A computer with a current browser. It does not matter which browser you want to use.
+
Access to your Sigma environment. A Sigma trial environment is acceptable and preferred.
+
An Okta account as Administrator. A development environment is acceptable.
+
+
+
+
+
+
+
+
+
+
+For more information on Sigma's product release strategy, see [Sigma product releases.](https://help.sigmacomputing.com/docs/sigma-product-releases)
+
+### What You’ll Learn
+How to implement and customize Sigma Single-Sign-On using Okta as the identity provider.
+
+### What You’ll Build
+The results of this QuickStart will be a Sigma instance that only allows SSO, with user management provided by Okta. In the end, we will have a test user who can login to Sigma with SSO, have Sigma Creator rights but is not allowed to export any data.
+
+
+
+
+
+
+## Initial SSO Configuration
+Duration: 20
+
+Login into Okta as Administrator and navigate to `Applications` > `Applications` and click `Browse App Catalog`:
+
+
+
+Type `Sigma` into the search bar and select either "Sigma on AWS" or "Sigma on GCP" depending on where your Sigma instance is hosted:
+
+
+
+
+
+On the next page we see that Sigma is "Okta Verified". Click `Add Integration`:
+
+
+
+Give the integration a name and click `Done`:
+
+
+
+We have to get some information and configure things in Sigma as we set this up.
+
+In another browser tab, log into Sigma and navigate to `Administration` > `Account` and copy the URL as shown:
+
+
+
+This is the URL Okta will use to reach Sigma. Save it off in a text file so we can use it later.
+
+Navigate to `Administration` > `Authentication` and click `Edit`:
+
+Select `SAML or password` so that we can login with Okta SSO or directly into Sigma with a our admin username and password.
+
+There are other options on this page but we will leave them at the defaults. The links below provide more information on those options:
+
+[Guest Access](https://help.sigmacomputing.com/docs/guest-user-accounts)
+
+[Multi-Factor Authentication](https://help.sigmacomputing.com/docs/two-factor-email-authentication#enable-two-factor-authentication)
+
+
+
+
+
+Sigma needs to have an Identity Provider (IDP) login URL and X509 certificate. We can gets these from Okta (our IDP).
+
+Return to Okta and navigate to the `Sign On` tab. Scroll down to find `Settings` group and the button to `Show details` after the "Metadata URL". We want to click to copy `Sign on URL`:
+
+
+
+Paste this value into Sigma for the value of `Identity provider login URL`:
+
+
+
+Now click to copy the x509 certificate, which little further down in the same group.
+
+
+
+Paste this value into Sigma under the value for `Identity provider X509 certificate` and click `Save`:
+
+
+
+Return to Okta and the `Sign On` page. This time, click `Edit` in the `Settings` group:
+
+
+
+Copy the Sigma Account URL we saved off to a text file earlier and paste it into the `Default Relay State` box:
+
+
+
+**NOTE:** The value for `Default Relay State` will vary depending on cloud provider. For AWS, append "/finish-login" to the URL. For example:
+```plaintext
+https://app.sigmacomputing.com/[yourCompanyId]/finish-login
+```
+
+Scroll all the way to the bottom and click `Save`.
+
+Sigma will now allow users to login with SSO or username/password.
+
+We have not yet completed the Okta/Sigma integration, but SSO is setup. Later we will complete the integration such that users/groups added in Okta, will be pushed to Sigma.
+
+## Testing SSO
+
+Open a new Chrome browser, in `Incognito mode`, so that we avoid issues with session cookies. You could also just use another browser like Firefox or Safari to create isolation.
+
+
+
+Navigate to your Sigma portal using whatever URL you typically use.
+
+For example: https://app.sigmacomputing.com/{YOUR ACCOUNT NAME}
+
+Now that SSO is enabled, we are presented an additional login option. Recall that we left username/password authentication on. We will turn this off later.
+
+
+
+Click the `Sign in with SSO` button. We are talking to an Okta page for signing into Sigma now.
+
+
+
+Try to login with your Sigma credentials. **It will fail.** This is because we have not created this user in Okta.
+
+
+
+When errors occur in Okta (before reaching out to Sigma) it can be useful to review the Okta Application error log:
+
+
+
+Here we see `Verification error` which indicates that Okta does not have a record for this user login attempt:
+
+
+
+### Add User in Okta
+
+We need to add our Sigma Admin user in Okta so we can disable non-SSO logins to Sigma.
+
+Navigate to `Directory` > `People` and click `Add person`:
+
+
+
+Configure the new user as follows and use the same password used for your Administrator user in Sigma:
+
+
+
+Go back to the incognito Chrome window and try to login again. **It will fail but this time, the errors is more instructive:**
+
+
+
+The user needs to be "assigned" to the Sigma application. Currently, this Okta user is not allowed to use anything.
+
+In Okta, navigate to the `People` list again and click on the user we created previously.
+
+
+
+Click the `Assign Application` button.
+
+
+
+Click to assign the `Sigma on AWS` application:
+
+
+
+Next click `Save and go back`:
+
+
+
+Click `Done`.
+
+Now that the user is added in Okta, go back to incognito Chrome again and try to login again.
+
+We are now able to login to Sigma with SSO.
+
+Another inspection of the Okta log for the Sigma application reveals the two steps that occured:
+
+
+
+
+
+
+## Disable Standard Authentication
+Duration: 20
+
+We want to disable username/password logins to Sigma and enforce only SSO with Okta.
+
+In Sigma, navigate to `Administration` > `Authentication` and click the `Edit` button.
+
+Change the `Authentication Method` to only `SAML`.
+
+
+
+Sigma will now only support SSO login, in this case with Okta.
+
+After logging out of Sigma, close the incognito browser and reopen a new one. Browse to Sigma like:
+
+https://app.sigmacomputing.com/{ACCOUNT NAME}/login
+
+We now only see the `Sign in with SSO` button:
+
+
+
+The Sigma admin user is still able to login, but only with SSO.
+
+
+
+
+## SCIM
+Duration: 20
+
+So far, we have only used the admin user account in Sigma to setup and test Okta SSO with. Now we want to learn how to manage other users who may have different roles with SSO. There are many ways to do this, but we will focus on using **“System for Cross-domain Identity Management”**, better known by its acronym **SCIM**, which is a standard for the automation of user and group provisioning between two services. In this case, the two services are Okta and Sigma.
+
+Configuring SCIM for your Sigma organization will allow you to centralize management of users and teams through Okta.
+
+This is preferred, as we want to manage users in one place (Okta) which likely is handing security operations for other applications besides Sigma.
+
+Once SCIM provisioning is enabled for both services, all management of users and teams must be done through Okta. While not directly editable in Sigma, both will be displayed in your Sigma Admin Portal.
+
+When you add SCIM to your Okta configuration, we will gain the ability to manage Sigma teams from Okta, and both user and group/team data in Okta will automatically be pushed to your Sigma organization (via REST API), regardless of user login.
+
+The following functions are available with Okta / Sigma:
+
+
+
+
Push New Users:
+
+
New users created through Okta will also be created in Sigma.
+
An Admin, Creator or Viewer user type (aka account type in Sigma) can be defined for each Sigma user in Okta. If no user type is defined, Sigma will limit the user to Viewer only permissions.
+
+
+
Push User Profile Updates:
+
+
Updates made to the user's name (‘given name’ and ‘family name’) in their Okta profile will automatically be pushed to Sigma.
+
Updates made to a user’s ‘user type’ (via that application Assignment page) will automatically be pushed to Sigma.
+
+
+
+
Deactivate Users:
+
+
Deactivating a user through Okta will deactivate the user in Sigma.
+
The user's profile information will be maintained as an inactive user.
+
Ownership of any documents created by the user will be transferred to the Admin performing the deactivation. Any documents located in the user’s My Documents folder will automatically be transferred to a folder in the Admin’s My Documents.
+
+
+
+
Reactivate Users:
+
+
Sigma user accounts can be reactivated by reactivating the corresponding account in Okta.
+
The user's profile information will be maintained as an inactive user.
+
Ownership of any documents created by the user will be transferred to the Admin performing the deactivation. Any documents located in the user’s My Documents folder will automatically be transferred to a folder in the Admin’s My Documents.
+
+
+
Push Groups / Teams:
+
+
Groups created in Okta will be created as Teams in Sigma.
+
+
Deactivate Groups / Teams:
+
+
Deactivating a group in Okta will deactivate the corresponding team in Sigma.
+
Any documents located in the team’s workspace folder will automatically be transferred to the My Documents folder of the Admin performing the deletion.
+
+
+
+[Learn more about SCIM with Sigma](https://help.sigmacomputing.com/docs/manage-users-and-teams-with-scim)
+
+
+
+
+## Configure API Integration
+
+Before we add anymore users in Okta, we want to configure the automated exchange of data between Okta and Sigma.
+
+In Sigma, navigate to `Administration` > `Authentication` and click the `Setup` button for "Account Type and Team Provisioning":
+
+
+
+In the popup, check the box on for `I have read and understand the above guidance.` and click `Next`:
+
+
+
+
+
+Give the token a friendly name and click `Next`:
+
+
+
+Click `Copy` for the `Directory Base URL` and `Bearer Token` and save these values to a text file for now. We will use them later.
+
+
+
+Click `Done`.
+
+Back in Okta, navigate to `Applications` > `Applications` and click into `Sigma on AWS`.
+
+Click on the `Provisioning` tab. Click the `Configure API Integration` button:
+
+
+
+Click on the checkbox for `Enable API Integration`, paste the `API Token` (Bearer Token) we saved earlier and click the `Test API Credentials` button:
+
+
+
+We should receive a message `Sigma on AWS was verified successfully!` if all is good.
+
+Click `Save`.
+
+Now Okta is able to communicate with Sigma's REST endpoint for this account only.
+
+We now have more configuration options available to us in Okta to control SSO.
+
+We want to control what happens when a user who exists in Okta (and is allowed to access Sigma) but does not exist in Sigma, is handled.
+
+We want Okta to creates a user in `Sigma on AWS` when assigning the app to a user in Okta.
+
+Click `Edit at the top right corner across from `Provisioning to App.
+
+Then click the `Enable` checkbox on adjacent to `Create`.
+
+Also enable the checkboxes for `Update User Attributes` and `Deactivate Users`. Okta provides information that describes what these do.
+
+Click `Save`.
+
+
+
+
+## Standard Account Types
+
+Okta supports Sigma "out-of-the-box" account types. It manages this in it's `Profile Editor`.
+
+Navigate to `Directory` > `Profile Editor` and click on `Sigma on AWS User`:
+
+
+
+Click on the "pencil" icon for `User Type`:
+
+
+
+We are presented with the pre-configured settings for `User Type`. We see that the "base" Sigma `Account Types` that are included in all Sigma accounts are pre-configured for us:
+```console
+Pro
+Essential
+Lite
+```
+
+
+
+This is where we can also `+ Add Another` to support Sigma custom `Account Types` later.
+
+
+
+
+
+
+## Add Group(s)
+A user's `Account Type` can be managed in Okta directly and this is fine when there are only a few users. It is a best practice to use Okta `Groups` to manage what Sigma operations are permitted to all group members.
+
+Groups created in Okta will be pushed to Sigma now that we have the integration all set up. There is no need to create them first in Sigma.
+
+
+
+Lets add a `Group` for `Viewers`.
+
+In Okta, navigate to `Directory` > `Groups` and click the `Add Group` button.
+
+You may notice some groups already exist, having been imported from Sigma (in this example, some existed but can be ignored as we will not use them).
+
+The `Everyone` group is created automatically by Okta. There are three Okta users, but since no application is assigned, these users have no right to login to Sigma. They can however, log into Okta, which is expected since in practice, there would be other business applications being secured by Okta.
+
+There is one application assigned to an existing Sigma Team called `FinanceViewers`, but no users, so that is also protected from logging in via SSO.
+
+
+
+Click `Add Group` and give it a name `OktaViewers` and click `Save`:
+
+
+
+
+
+We need to assign the `Sigma on AWS` application to this group. Click onto the new `OktaViewers` group and click `Assign applications`.
+
+Click the `Assign` button in the `Sigma on AWS` row.
+
+We now need to set the Sigma `Account Type` this new group will use. We have the three standard Sigma `Account Types` to choose from.
+
+Select `Lite` and click `Save` and `Done`.
+
+Anyone who is a member of this group will get view access as defined in Sigma > `Administration` > `Account Types` > `Lite`.
+
+While we are here, lets create another `Group` for Sigma `Essentials` Account Type. The workflow is the same, but in the last step, assign the new group the `Account Type` of `Essentials` (which maps to Sigma Essentials).
+
+We can call this group `OktaCreators`.
+
+When done, our `Groups` list should look this this, with the two new groups each having one application and no users assigned yet:
+
+
+
+The last step (and whenever new groups are created) is to push the new group(s) to Sigma.
+
+Navigate to `Applications` > `Applications`. We can see that our `Sigma Viewer` user has an error. This is because we did not push the new groups to Sigma yet (and they are a member of one).
+
+Click the `Push Groups` tab.
+
+Select `Push Groups` and `Find groups by name`.
+
+
+
+Start typing `Ok` and click to add the `OktaViewers` group:
+
+
+
+Click `Save & Add Another` and add the `OktaCreators` group as well.
+
+Then click `Save`. The new groups should show a status as `Pushing` to `Active` fairly quickly:
+
+
+
+
+
+
+## Add User(s)
+Duration: 20
+
+Now we can assign new users to groups in Okta as we create them. These new users can then use SSO to gain access to Sigma and will have the group rights that are afforded to them by Sigma `Account Type.`
+
+
+
+We will make our first new user a `Lite` user in Sigma.
+
+In Okta, navigate to `Directory` > `People` and click the `Add Person` button:
+
+
+
+Configure the new user as shown, tailoring the details to suit the user. Check the box (#2) to set `User must change password...` on:
+
+
+
+Click `Save` when done.
+
+### Test New User
+
+Open a new incognito Chrome browser and navigate to your Sigma account.
+
+Click `Sign in with SSO`.
+
+For `Username` use the email address assigned to the new user created in Okta. Enter the password as well.
+
+Okta will respond with a page asking for a new password. Provide one.
+
+
+
+
+
+[Read more about Okta Sign-on policies](https://help.okta.com/en-us/Content/Topics/Security/policies/policies-home.htm)
+
+After resetting the password and trying to login again we face another problem:
+
+
+
+***What happened?***
+
+In Okta, we created a `Group` and assigned the `Sigma on AWS` application to the group but we did not assign this user to the group. Lets do that now.
+
+Navigate to `Directory` > `Groups` and click into the `OktaViewers` group we created. Click `Assign people`:
+
+
+
+Select the `Sigma Viewer` user we created earlier by clicking on the `+`:
+
+
+
+That user is now `Assigned` with a green checkmark in the list.
+
+We don't need to give the new user permission to use the `Sigma on AWS` application in Okta. That is implied when we granted the Group access.
+
+After changing password, we can successfully log into the Sigma portal. In the users `Profile` we have `Viewer` access and a team membership of `OktaViewers`:
+
+
+
+
+
+It is also possible to see the Sigma App in the Okta portal for this user.
+
+The address to login to an Okta developers account is:
+```console
+https://dev-22485XXX-admin.okta.com/
+```
+
+Replace the "dev-[number]" with your dev account value.
+
+Login to Okta (in another incognito browser window). Use the new user's email and password to login.
+
+The Okta portal should show the Sigma App tile:
+
+
+
+Clicking on the tile will take you directly into Sigma, as your user is Okta authenticated already.
+
+
+
+
+## Custom Account Types with Okta
+Duration: 20
+
+It is common for companies to give users access to Sigma, but disallow them the ability to export (download) data for various reasons. This is done by creating an `Account Type` in Sigma, with exporting restricted, and map an Okta group to it.
+
+Any users who are assigned to this "download restricted" group/team, will not be able to export content.
+
+
+
+Lets see how to adjust the user we just created in Okta to grant more rights, but also not allow exports.
+
+Since Okta has no record for a new `Account Type` we need to add it so we can then assign it to group(s).
+
+Navigate to `Directory` > `Profile Editor`. Locate the `Attributes` section and then `User Type`. Click the pencil icon:
+
+
+
+Click `Add another` and enter the values as shown:
+
+
+
+Scroll to the bottom and click `Save Attribute`.
+
+We will need to create a new `Group` in Okta (which we will push to Sigma as a `Team`) so that we can manage the level of access we want users to have.
+
+
+
+In Okta, `Directory` > `Groups`, click `Add group`:
+
+
+
+Give the `Group` a name and description as shown and click `Ok`.
+
+
+
+We need to assign this new group to the `Sigma on AWS` application:
+
+
+
+Click `Save and Go Back` and then `Done`.
+
+The `Sigma Viewer` user already has `Viewer` rights in Sigma via Okta group membership in the `Okta Viewer` group.
+
+Add our test user to the new `OktaCreatorNoExport` group (using the same workflow we have done previously.)
+
+Since this user is a member of more than one group, we need to make sure that the correct group is used when they log in.
+
+Navigate to the `Assignments` tab on the `Sigma on AWS` > `Applications` page.
+
+Click `Groups`. Our three custom groups are listed. The first column is the `Priority` in which they are assigned to a user (if the user is a member) when a user logs in. We want our user to have `OktaCreatorNoExport`, so click and hold on the drag bar and drag it to the top (#1) position as shown:
+
+
+
+Navigate to the `Sigma on AWS` application, `Push Groups` tab.
+
+Click `+ Push Groups` and `Find groups by name` and select the `OktaCreatorNoExport` group.
+
+Wait for the group to become `Active`.
+
+
+
+
+
+Return to Sigma (as Administrator)
+
+Navigate to `Administration` > `Teams`. Our Okta Group is listed here.
+
+Lets add a new `Account Type`. Click on `Account Types` > and `Create New Account Type` button:
+
+
+
+Configure the Account Type as shown. Notice that we are not allowing any Export functionality:
+
+
+
+
+
+Click `Create`.
+
+
+
+### Test New Role in Sigma
+
+Using a new incognito browser, login to Sigma as our test user.
+
+Navigate to `User Profile` > `Details` (the icon in the upper-most right corner) and see that this user is a member of both teams now, and has `CreateorNoExport`. We cannot change this in Sigma as Okta is handling user management operations now.
+
+
+
+
+
+
+## Items of Note
+
+The Sigma / Okta integration enables many additional capabilities than covered here. We encourage you to explore based on use case needs and curiosity.
+
+A few of them are:
+
+
+
+
User Roles: The concept of User Attribute in Sigma is implemented by using Okta userRoles to pass user-specific role information upon login.
+
Sigma Audit Logging: Captures user login events (in addition to Okta logs) for customers who want the extra layer of information.
+
Zonal Restrictions: Prevent users from logging on based on physical location.
+
Device Restriction: Prevent users from logging on based on device operating system.
+
Behavior Detection: Behavior Detection analyzes patterns of user behavior and create profiles of typical patterns based on previous activity.
+
+
+
+[More reading on the extensive features Okta provides is available here](https://help.okta.com/en-us/Content/index.htm)
+
+
+
+
+
+## What we've covered
+Duration: 5
+
+In this lab we learned how to implement and customize Sigma Single-Sign-On using Okta as the identity provider.
+
+
+**Additional Resource Links**
+
+Be sure to check out all the latest developments at [Sigma's First Friday Feature page!](https://quickstarts.sigmacomputing.com/firstfridayfeatures/)
+
+[Help Center Home](https://help.sigmacomputing.com)
+[Sigma Community](https://community.sigmacomputing.com/)
+[Sigma Blog](https://www.sigmacomputing.com/blog/)
+
+
+[](https://twitter.com/sigmacomputing)
+[](https://www.linkedin.com/company/sigmacomputing)
+[](https://www.facebook.com/sigmacomputing)
+
+
+
+
diff --git a/site/sigmaguides/src/security_sso_okta/assets/facebook.png b/site/sigmaguides/src/security_sso_okta/assets/facebook.png
new file mode 100644
index 00000000..fa3f0e02
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/facebook.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/greencheckbox.png b/site/sigmaguides/src/security_sso_okta/assets/greencheckbox.png
new file mode 100644
index 00000000..69cb876e
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/greencheckbox.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/horizonalline.png b/site/sigmaguides/src/security_sso_okta/assets/horizonalline.png
new file mode 100644
index 00000000..7c49d872
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/horizonalline.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/linkedin.png b/site/sigmaguides/src/security_sso_okta/assets/linkedin.png
new file mode 100644
index 00000000..d1a0636d
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/linkedin.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok1.png b/site/sigmaguides/src/security_sso_okta/assets/ok1.png
new file mode 100644
index 00000000..ce05c46d
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok1.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok10.png b/site/sigmaguides/src/security_sso_okta/assets/ok10.png
new file mode 100644
index 00000000..cd81735d
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok10.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok11.png b/site/sigmaguides/src/security_sso_okta/assets/ok11.png
new file mode 100644
index 00000000..d9fe4b71
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok11.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok13.png b/site/sigmaguides/src/security_sso_okta/assets/ok13.png
new file mode 100644
index 00000000..115ee253
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok13.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok14.png b/site/sigmaguides/src/security_sso_okta/assets/ok14.png
new file mode 100644
index 00000000..f6986c23
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok14.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok15.png b/site/sigmaguides/src/security_sso_okta/assets/ok15.png
new file mode 100644
index 00000000..4721d762
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok15.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok15a.png b/site/sigmaguides/src/security_sso_okta/assets/ok15a.png
new file mode 100644
index 00000000..50d176b8
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok15a.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok15b.png b/site/sigmaguides/src/security_sso_okta/assets/ok15b.png
new file mode 100644
index 00000000..646f8fa2
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok15b.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok15c.png b/site/sigmaguides/src/security_sso_okta/assets/ok15c.png
new file mode 100644
index 00000000..41c0b9ef
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok15c.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok15d.png b/site/sigmaguides/src/security_sso_okta/assets/ok15d.png
new file mode 100644
index 00000000..422d5dc8
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok15d.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok15e.png b/site/sigmaguides/src/security_sso_okta/assets/ok15e.png
new file mode 100644
index 00000000..c553c4e6
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok15e.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok15f.png b/site/sigmaguides/src/security_sso_okta/assets/ok15f.png
new file mode 100644
index 00000000..b6c625e0
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok15f.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok15g.png b/site/sigmaguides/src/security_sso_okta/assets/ok15g.png
new file mode 100644
index 00000000..da48c4ef
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok15g.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok15h.png b/site/sigmaguides/src/security_sso_okta/assets/ok15h.png
new file mode 100644
index 00000000..25e2c74b
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok15h.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok15i.png b/site/sigmaguides/src/security_sso_okta/assets/ok15i.png
new file mode 100644
index 00000000..f172054d
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok15i.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok16.png b/site/sigmaguides/src/security_sso_okta/assets/ok16.png
new file mode 100644
index 00000000..bfe357a9
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok16.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok17.png b/site/sigmaguides/src/security_sso_okta/assets/ok17.png
new file mode 100644
index 00000000..ce557cec
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok17.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok18.png b/site/sigmaguides/src/security_sso_okta/assets/ok18.png
new file mode 100644
index 00000000..7723cdad
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok18.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok19.png b/site/sigmaguides/src/security_sso_okta/assets/ok19.png
new file mode 100644
index 00000000..5a392117
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok19.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok2.png b/site/sigmaguides/src/security_sso_okta/assets/ok2.png
new file mode 100644
index 00000000..68dc3cdf
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok2.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok20.png b/site/sigmaguides/src/security_sso_okta/assets/ok20.png
new file mode 100644
index 00000000..8a0f2208
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok20.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok21.png b/site/sigmaguides/src/security_sso_okta/assets/ok21.png
new file mode 100644
index 00000000..d715b4d9
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok21.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok22.png b/site/sigmaguides/src/security_sso_okta/assets/ok22.png
new file mode 100644
index 00000000..e30c72b4
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok22.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok23.png b/site/sigmaguides/src/security_sso_okta/assets/ok23.png
new file mode 100644
index 00000000..800fba97
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok23.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok24.png b/site/sigmaguides/src/security_sso_okta/assets/ok24.png
new file mode 100644
index 00000000..002f058f
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok24.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok25.png b/site/sigmaguides/src/security_sso_okta/assets/ok25.png
new file mode 100644
index 00000000..3bdc0000
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok25.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok26.png b/site/sigmaguides/src/security_sso_okta/assets/ok26.png
new file mode 100644
index 00000000..b765376a
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok26.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok27.png b/site/sigmaguides/src/security_sso_okta/assets/ok27.png
new file mode 100644
index 00000000..85acac26
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok27.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok28.png b/site/sigmaguides/src/security_sso_okta/assets/ok28.png
new file mode 100644
index 00000000..01d94367
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok28.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok29.png b/site/sigmaguides/src/security_sso_okta/assets/ok29.png
new file mode 100644
index 00000000..527e8523
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok29.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok3.png b/site/sigmaguides/src/security_sso_okta/assets/ok3.png
new file mode 100644
index 00000000..197f9b88
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok3.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok30.png b/site/sigmaguides/src/security_sso_okta/assets/ok30.png
new file mode 100644
index 00000000..bd53611c
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok30.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok31.png b/site/sigmaguides/src/security_sso_okta/assets/ok31.png
new file mode 100644
index 00000000..1a7d584b
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok31.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok32.png b/site/sigmaguides/src/security_sso_okta/assets/ok32.png
new file mode 100644
index 00000000..80546f8e
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok32.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok33.png b/site/sigmaguides/src/security_sso_okta/assets/ok33.png
new file mode 100644
index 00000000..3c2d31b8
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok33.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok34.png b/site/sigmaguides/src/security_sso_okta/assets/ok34.png
new file mode 100644
index 00000000..4d97563f
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok34.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok35.png b/site/sigmaguides/src/security_sso_okta/assets/ok35.png
new file mode 100644
index 00000000..f530bc96
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok35.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok36.png b/site/sigmaguides/src/security_sso_okta/assets/ok36.png
new file mode 100644
index 00000000..832d3a39
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok36.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok37.png b/site/sigmaguides/src/security_sso_okta/assets/ok37.png
new file mode 100644
index 00000000..b06d380a
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok37.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok38.png b/site/sigmaguides/src/security_sso_okta/assets/ok38.png
new file mode 100644
index 00000000..97f12a54
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok38.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok39.png b/site/sigmaguides/src/security_sso_okta/assets/ok39.png
new file mode 100644
index 00000000..d03736a0
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok39.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok4.png b/site/sigmaguides/src/security_sso_okta/assets/ok4.png
new file mode 100644
index 00000000..4d4f4e38
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok4.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok40.png b/site/sigmaguides/src/security_sso_okta/assets/ok40.png
new file mode 100644
index 00000000..8df70633
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok40.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok41.png b/site/sigmaguides/src/security_sso_okta/assets/ok41.png
new file mode 100644
index 00000000..eb87f071
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok41.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok42.png b/site/sigmaguides/src/security_sso_okta/assets/ok42.png
new file mode 100644
index 00000000..d20752ec
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok42.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok43.png b/site/sigmaguides/src/security_sso_okta/assets/ok43.png
new file mode 100644
index 00000000..b327e67a
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok43.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok44.png b/site/sigmaguides/src/security_sso_okta/assets/ok44.png
new file mode 100644
index 00000000..cdcee08e
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok44.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok45.png b/site/sigmaguides/src/security_sso_okta/assets/ok45.png
new file mode 100644
index 00000000..ce9d4a1f
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok45.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok46.png b/site/sigmaguides/src/security_sso_okta/assets/ok46.png
new file mode 100644
index 00000000..5ae5c8a7
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok46.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok47.png b/site/sigmaguides/src/security_sso_okta/assets/ok47.png
new file mode 100644
index 00000000..68282ac8
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok47.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok48.png b/site/sigmaguides/src/security_sso_okta/assets/ok48.png
new file mode 100644
index 00000000..2eaea94a
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok48.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok49.png b/site/sigmaguides/src/security_sso_okta/assets/ok49.png
new file mode 100644
index 00000000..f8c35572
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok49.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok5.png b/site/sigmaguides/src/security_sso_okta/assets/ok5.png
new file mode 100644
index 00000000..23fd5253
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok5.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok50.png b/site/sigmaguides/src/security_sso_okta/assets/ok50.png
new file mode 100644
index 00000000..f1942baf
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok50.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok51.png b/site/sigmaguides/src/security_sso_okta/assets/ok51.png
new file mode 100644
index 00000000..070b1e67
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok51.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok53.png b/site/sigmaguides/src/security_sso_okta/assets/ok53.png
new file mode 100644
index 00000000..34202232
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok53.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok54.png b/site/sigmaguides/src/security_sso_okta/assets/ok54.png
new file mode 100644
index 00000000..3a56e372
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok54.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok56.png b/site/sigmaguides/src/security_sso_okta/assets/ok56.png
new file mode 100644
index 00000000..a0b8dc35
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok56.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok57.png b/site/sigmaguides/src/security_sso_okta/assets/ok57.png
new file mode 100644
index 00000000..3384866d
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok57.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok57b.png b/site/sigmaguides/src/security_sso_okta/assets/ok57b.png
new file mode 100644
index 00000000..006dd0de
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok57b.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok57b1.png b/site/sigmaguides/src/security_sso_okta/assets/ok57b1.png
new file mode 100644
index 00000000..cdac46ce
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok57b1.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok6.png b/site/sigmaguides/src/security_sso_okta/assets/ok6.png
new file mode 100644
index 00000000..0575911b
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok6.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok60.png b/site/sigmaguides/src/security_sso_okta/assets/ok60.png
new file mode 100644
index 00000000..e63feb9c
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok60.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok61.png b/site/sigmaguides/src/security_sso_okta/assets/ok61.png
new file mode 100644
index 00000000..49d730cf
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok61.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok61b.png b/site/sigmaguides/src/security_sso_okta/assets/ok61b.png
new file mode 100644
index 00000000..d204f4a7
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok61b.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok62.png b/site/sigmaguides/src/security_sso_okta/assets/ok62.png
new file mode 100644
index 00000000..cab0d12e
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok62.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok63.png b/site/sigmaguides/src/security_sso_okta/assets/ok63.png
new file mode 100644
index 00000000..ad970da0
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok63.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok64.png b/site/sigmaguides/src/security_sso_okta/assets/ok64.png
new file mode 100644
index 00000000..7905cb4a
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok64.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok65.png b/site/sigmaguides/src/security_sso_okta/assets/ok65.png
new file mode 100644
index 00000000..0a7fad85
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok65.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok66.png b/site/sigmaguides/src/security_sso_okta/assets/ok66.png
new file mode 100644
index 00000000..a84f8f5e
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok66.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok67.png b/site/sigmaguides/src/security_sso_okta/assets/ok67.png
new file mode 100644
index 00000000..62a2e6cc
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok67.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok68.png b/site/sigmaguides/src/security_sso_okta/assets/ok68.png
new file mode 100644
index 00000000..bcb16fea
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok68.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok69.png b/site/sigmaguides/src/security_sso_okta/assets/ok69.png
new file mode 100644
index 00000000..6fea92a9
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok69.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok7.png b/site/sigmaguides/src/security_sso_okta/assets/ok7.png
new file mode 100644
index 00000000..a8ee26c5
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok7.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok70.png b/site/sigmaguides/src/security_sso_okta/assets/ok70.png
new file mode 100644
index 00000000..b5c09768
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok70.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok71.png b/site/sigmaguides/src/security_sso_okta/assets/ok71.png
new file mode 100644
index 00000000..648915e6
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok71.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok72.png b/site/sigmaguides/src/security_sso_okta/assets/ok72.png
new file mode 100644
index 00000000..f873ae5c
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok72.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok73.png b/site/sigmaguides/src/security_sso_okta/assets/ok73.png
new file mode 100644
index 00000000..1f1d1a6a
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok73.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok74.png b/site/sigmaguides/src/security_sso_okta/assets/ok74.png
new file mode 100644
index 00000000..471556a8
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok74.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok75.png b/site/sigmaguides/src/security_sso_okta/assets/ok75.png
new file mode 100644
index 00000000..4f29ec12
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok75.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok76.png b/site/sigmaguides/src/security_sso_okta/assets/ok76.png
new file mode 100644
index 00000000..6d3af4cb
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok76.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok77.png b/site/sigmaguides/src/security_sso_okta/assets/ok77.png
new file mode 100644
index 00000000..f36c72fd
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok77.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok78.png b/site/sigmaguides/src/security_sso_okta/assets/ok78.png
new file mode 100644
index 00000000..f2673501
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok78.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok79.png b/site/sigmaguides/src/security_sso_okta/assets/ok79.png
new file mode 100644
index 00000000..4c61ce6b
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok79.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok8.png b/site/sigmaguides/src/security_sso_okta/assets/ok8.png
new file mode 100644
index 00000000..cc1deaf6
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok8.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok80.png b/site/sigmaguides/src/security_sso_okta/assets/ok80.png
new file mode 100644
index 00000000..3f31ba3b
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok80.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok81.png b/site/sigmaguides/src/security_sso_okta/assets/ok81.png
new file mode 100644
index 00000000..deb71081
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok81.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok82.png b/site/sigmaguides/src/security_sso_okta/assets/ok82.png
new file mode 100644
index 00000000..e0cdcaae
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok82.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok83.png b/site/sigmaguides/src/security_sso_okta/assets/ok83.png
new file mode 100644
index 00000000..c2877be4
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok83.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok9.png b/site/sigmaguides/src/security_sso_okta/assets/ok9.png
new file mode 100644
index 00000000..768dd607
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok9.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/sigma_footer.png b/site/sigmaguides/src/security_sso_okta/assets/sigma_footer.png
new file mode 100644
index 00000000..df51d771
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/sigma_footer.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/twitter.png b/site/sigmaguides/src/security_sso_okta/assets/twitter.png
new file mode 100644
index 00000000..5a827d72
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/twitter.png differ
+
+
+
+
+## Initial SSO Configuration
+Duration: 20
+
+Login into Okta as Administrator and navigate to `Applications` > `Applications` and click `Browse App Catalog`:
+
+
+
+Type `Sigma` into the search bar and select either "Sigma on AWS" or "Sigma on GCP" depending on where your Sigma instance is hosted:
+
+
+
+
+
+On the next page we see that Sigma is "Okta Verified". Click `Add Integration`:
+
+
+
+Give the integration a name and click `Done`:
+
+
+
+We have to get some information and configure things in Sigma as we set this up.
+
+In another browser tab, log into Sigma and navigate to `Administration` > `Account` and copy the URL as shown:
+
+
+
+This is the URL Okta will use to reach Sigma. Save it off in a text file so we can use it later.
+
+Navigate to `Administration` > `Authentication` and click `Edit`:
+
+Select `SAML or password` so that we can login with Okta SSO or directly into Sigma with a our admin username and password.
+
+There are other options on this page but we will leave them at the defaults. The links below provide more information on those options:
+
+[Guest Access](https://help.sigmacomputing.com/docs/guest-user-accounts)
+
+[Multi-Factor Authentication](https://help.sigmacomputing.com/docs/two-factor-email-authentication#enable-two-factor-authentication)
+
+
+
+
+
+Sigma needs to have an Identity Provider (IDP) login URL and X509 certificate. We can gets these from Okta (our IDP).
+
+Return to Okta and navigate to the `Sign On` tab. Scroll down to find `Settings` group and the button to `Show details` after the "Metadata URL". We want to click to copy `Sign on URL`:
+
+
+
+Paste this value into Sigma for the value of `Identity provider login URL`:
+
+
+
+Now click to copy the x509 certificate, which little further down in the same group.
+
+
+
+Paste this value into Sigma under the value for `Identity provider X509 certificate` and click `Save`:
+
+
+
+Return to Okta and the `Sign On` page. This time, click `Edit` in the `Settings` group:
+
+
+
+Copy the Sigma Account URL we saved off to a text file earlier and paste it into the `Default Relay State` box:
+
+
+
+**NOTE:** The value for `Default Relay State` will vary depending on cloud provider. For AWS, append "/finish-login" to the URL. For example: 
+
+Navigate to your Sigma portal using whatever URL you typically use.
+
+For example: https://app.sigmacomputing.com/{YOUR ACCOUNT NAME}
+
+Now that SSO is enabled, we are presented an additional login option. Recall that we left username/password authentication on. We will turn this off later.
+
+
+
+Click the `Sign in with SSO` button. We are talking to an Okta page for signing into Sigma now.
+
+
+
+Try to login with your Sigma credentials. **It will fail.** This is because we have not created this user in Okta.
+
+
+
+When errors occur in Okta (before reaching out to Sigma) it can be useful to review the Okta Application error log:
+
+
+
+Here we see `Verification error` which indicates that Okta does not have a record for this user login attempt:
+
+
+
+### Add User in Okta
+
+We need to add our Sigma Admin user in Okta so we can disable non-SSO logins to Sigma.
+
+Navigate to `Directory` > `People` and click `Add person`:
+
+
+
+Configure the new user as follows and use the same password used for your Administrator user in Sigma:
+
+
+
+Go back to the incognito Chrome window and try to login again. **It will fail but this time, the errors is more instructive:**
+
+
+
+The user needs to be "assigned" to the Sigma application. Currently, this Okta user is not allowed to use anything.
+
+In Okta, navigate to the `People` list again and click on the user we created previously.
+
+
+
+Click the `Assign Application` button.
+
+
+
+Click to assign the `Sigma on AWS` application:
+
+
+
+Next click `Save and go back`:
+
+
+
+Click `Done`.
+
+Now that the user is added in Okta, go back to incognito Chrome again and try to login again.
+
+We are now able to login to Sigma with SSO.
+
+Another inspection of the Okta log for the Sigma application reveals the two steps that occured:
+
+
+
+
+
+
+## Disable Standard Authentication
+Duration: 20
+
+We want to disable username/password logins to Sigma and enforce only SSO with Okta.
+
+In Sigma, navigate to `Administration` > `Authentication` and click the `Edit` button.
+
+Change the `Authentication Method` to only `SAML`.
+
+
+
+Sigma will now only support SSO login, in this case with Okta.
+
+After logging out of Sigma, close the incognito browser and reopen a new one. Browse to Sigma like:
+
+https://app.sigmacomputing.com/{ACCOUNT NAME}/login
+
+We now only see the `Sign in with SSO` button:
+
+
+
+The Sigma admin user is still able to login, but only with SSO.
+
+
+
+
+## SCIM
+Duration: 20
+
+So far, we have only used the admin user account in Sigma to setup and test Okta SSO with. Now we want to learn how to manage other users who may have different roles with SSO. There are many ways to do this, but we will focus on using **“System for Cross-domain Identity Management”**, better known by its acronym **SCIM**, which is a standard for the automation of user and group provisioning between two services. In this case, the two services are Okta and Sigma.
+
+Configuring SCIM for your Sigma organization will allow you to centralize management of users and teams through Okta.
+
+This is preferred, as we want to manage users in one place (Okta) which likely is handing security operations for other applications besides Sigma.
+
+Once SCIM provisioning is enabled for both services, all management of users and teams must be done through Okta. While not directly editable in Sigma, both will be displayed in your Sigma Admin Portal.
+
+When you add SCIM to your Okta configuration, we will gain the ability to manage Sigma teams from Okta, and both user and group/team data in Okta will automatically be pushed to your Sigma organization (via REST API), regardless of user login.
+
+The following functions are available with Okta / Sigma:
+
+
+
+In the popup, check the box on for `I have read and understand the above guidance.` and click `Next`:
+
+
+
+
+
+Give the token a friendly name and click `Next`:
+
+
+
+Click `Copy` for the `Directory Base URL` and `Bearer Token` and save these values to a text file for now. We will use them later.
+
+
+
+Click `Done`.
+
+Back in Okta, navigate to `Applications` > `Applications` and click into `Sigma on AWS`.
+
+Click on the `Provisioning` tab. Click the `Configure API Integration` button:
+
+
+
+Click on the checkbox for `Enable API Integration`, paste the `API Token` (Bearer Token) we saved earlier and click the `Test API Credentials` button:
+
+
+
+We should receive a message `Sigma on AWS was verified successfully!` if all is good.
+
+Click `Save`.
+
+Now Okta is able to communicate with Sigma's REST endpoint for this account only.
+
+We now have more configuration options available to us in Okta to control SSO.
+
+We want to control what happens when a user who exists in Okta (and is allowed to access Sigma) but does not exist in Sigma, is handled.
+
+We want Okta to creates a user in `Sigma on AWS` when assigning the app to a user in Okta.
+
+Click `Edit at the top right corner across from `Provisioning to App.
+
+Then click the `Enable` checkbox on adjacent to `Create`.
+
+Also enable the checkboxes for `Update User Attributes` and `Deactivate Users`. Okta provides information that describes what these do.
+
+Click `Save`.
+
+
+
+
+## Standard Account Types
+
+Okta supports Sigma "out-of-the-box" account types. It manages this in it's `Profile Editor`.
+
+Navigate to `Directory` > `Profile Editor` and click on `Sigma on AWS User`:
+
+
+
+Click on the "pencil" icon for `User Type`:
+
+
+
+We are presented with the pre-configured settings for `User Type`. We see that the "base" Sigma `Account Types` that are included in all Sigma accounts are pre-configured for us:
+```console
+Pro
+Essential
+Lite
+```
+
+
+
+This is where we can also `+ Add Another` to support Sigma custom `Account Types` later.
+
+
+
+
+
+
+## Add Group(s)
+A user's `Account Type` can be managed in Okta directly and this is fine when there are only a few users. It is a best practice to use Okta `Groups` to manage what Sigma operations are permitted to all group members.
+
+Groups created in Okta will be pushed to Sigma now that we have the integration all set up. There is no need to create them first in Sigma.
+
+
+
+Lets add a `Group` for `Viewers`.
+
+In Okta, navigate to `Directory` > `Groups` and click the `Add Group` button.
+
+You may notice some groups already exist, having been imported from Sigma (in this example, some existed but can be ignored as we will not use them).
+
+The `Everyone` group is created automatically by Okta. There are three Okta users, but since no application is assigned, these users have no right to login to Sigma. They can however, log into Okta, which is expected since in practice, there would be other business applications being secured by Okta.
+
+There is one application assigned to an existing Sigma Team called `FinanceViewers`, but no users, so that is also protected from logging in via SSO.
+
+
+
+Click `Add Group` and give it a name `OktaViewers` and click `Save`:
+
+
+
+
+
+We need to assign the `Sigma on AWS` application to this group. Click onto the new `OktaViewers` group and click `Assign applications`.
+
+Click the `Assign` button in the `Sigma on AWS` row.
+
+We now need to set the Sigma `Account Type` this new group will use. We have the three standard Sigma `Account Types` to choose from.
+
+Select `Lite` and click `Save` and `Done`.
+
+Anyone who is a member of this group will get view access as defined in Sigma > `Administration` > `Account Types` > `Lite`.
+
+While we are here, lets create another `Group` for Sigma `Essentials` Account Type. The workflow is the same, but in the last step, assign the new group the `Account Type` of `Essentials` (which maps to Sigma Essentials).
+
+We can call this group `OktaCreators`.
+
+When done, our `Groups` list should look this this, with the two new groups each having one application and no users assigned yet:
+
+
+
+The last step (and whenever new groups are created) is to push the new group(s) to Sigma.
+
+Navigate to `Applications` > `Applications`. We can see that our `Sigma Viewer` user has an error. This is because we did not push the new groups to Sigma yet (and they are a member of one).
+
+Click the `Push Groups` tab.
+
+Select `Push Groups` and `Find groups by name`.
+
+
+
+Start typing `Ok` and click to add the `OktaViewers` group:
+
+
+
+Click `Save & Add Another` and add the `OktaCreators` group as well.
+
+Then click `Save`. The new groups should show a status as `Pushing` to `Active` fairly quickly:
+
+
+
+
+
+
+## Add User(s)
+Duration: 20
+
+Now we can assign new users to groups in Okta as we create them. These new users can then use SSO to gain access to Sigma and will have the group rights that are afforded to them by Sigma `Account Type.`
+
+
+
+We will make our first new user a `Lite` user in Sigma.
+
+In Okta, navigate to `Directory` > `People` and click the `Add Person` button:
+
+
+
+Configure the new user as shown, tailoring the details to suit the user. Check the box (#2) to set `User must change password...` on:
+
+
+
+Click `Save` when done.
+
+### Test New User
+
+Open a new incognito Chrome browser and navigate to your Sigma account.
+
+Click `Sign in with SSO`.
+
+For `Username` use the email address assigned to the new user created in Okta. Enter the password as well.
+
+Okta will respond with a page asking for a new password. Provide one.
+
+
+
+
+
+[Read more about Okta Sign-on policies](https://help.okta.com/en-us/Content/Topics/Security/policies/policies-home.htm)
+
+After resetting the password and trying to login again we face another problem:
+
+
+
+***What happened?***
+
+In Okta, we created a `Group` and assigned the `Sigma on AWS` application to the group but we did not assign this user to the group. Lets do that now.
+
+Navigate to `Directory` > `Groups` and click into the `OktaViewers` group we created. Click `Assign people`:
+
+
+
+Select the `Sigma Viewer` user we created earlier by clicking on the `+`:
+
+
+
+That user is now `Assigned` with a green checkmark in the list.
+
+We don't need to give the new user permission to use the `Sigma on AWS` application in Okta. That is implied when we granted the Group access.
+
+After changing password, we can successfully log into the Sigma portal. In the users `Profile` we have `Viewer` access and a team membership of `OktaViewers`:
+
+
+
+
+
+It is also possible to see the Sigma App in the Okta portal for this user.
+
+The address to login to an Okta developers account is:
+```console
+https://dev-22485XXX-admin.okta.com/
+```
+
+Replace the "dev-[number]" with your dev account value.
+
+Login to Okta (in another incognito browser window). Use the new user's email and password to login.
+
+The Okta portal should show the Sigma App tile:
+
+
+
+Clicking on the tile will take you directly into Sigma, as your user is Okta authenticated already.
+
+
+
+
+## Custom Account Types with Okta
+Duration: 20
+
+It is common for companies to give users access to Sigma, but disallow them the ability to export (download) data for various reasons. This is done by creating an `Account Type` in Sigma, with exporting restricted, and map an Okta group to it.
+
+Any users who are assigned to this "download restricted" group/team, will not be able to export content.
+
+
+
+Lets see how to adjust the user we just created in Okta to grant more rights, but also not allow exports.
+
+Since Okta has no record for a new `Account Type` we need to add it so we can then assign it to group(s).
+
+Navigate to `Directory` > `Profile Editor`. Locate the `Attributes` section and then `User Type`. Click the pencil icon:
+
+
+
+Click `Add another` and enter the values as shown:
+
+
+
+Scroll to the bottom and click `Save Attribute`.
+
+We will need to create a new `Group` in Okta (which we will push to Sigma as a `Team`) so that we can manage the level of access we want users to have.
+
+
+
+In Okta, `Directory` > `Groups`, click `Add group`:
+
+
+
+Give the `Group` a name and description as shown and click `Ok`.
+
+
+
+We need to assign this new group to the `Sigma on AWS` application:
+
+
+
+Click `Save and Go Back` and then `Done`.
+
+The `Sigma Viewer` user already has `Viewer` rights in Sigma via Okta group membership in the `Okta Viewer` group.
+
+Add our test user to the new `OktaCreatorNoExport` group (using the same workflow we have done previously.)
+
+Since this user is a member of more than one group, we need to make sure that the correct group is used when they log in.
+
+Navigate to the `Assignments` tab on the `Sigma on AWS` > `Applications` page.
+
+Click `Groups`. Our three custom groups are listed. The first column is the `Priority` in which they are assigned to a user (if the user is a member) when a user logs in. We want our user to have `OktaCreatorNoExport`, so click and hold on the drag bar and drag it to the top (#1) position as shown:
+
+
+
+Navigate to the `Sigma on AWS` application, `Push Groups` tab.
+
+Click `+ Push Groups` and `Find groups by name` and select the `OktaCreatorNoExport` group.
+
+Wait for the group to become `Active`.
+
+
+
+
+
+Return to Sigma (as Administrator)
+
+Navigate to `Administration` > `Teams`. Our Okta Group is listed here.
+
+Lets add a new `Account Type`. Click on `Account Types` > and `Create New Account Type` button:
+
+
+
+Configure the Account Type as shown. Notice that we are not allowing any Export functionality:
+
+
+
+Click `Create`.
+
+
+
+### Test New Role in Sigma
+
+Using a new incognito browser, login to Sigma as our test user.
+
+Navigate to `User Profile` > `Details` (the icon in the upper-most right corner) and see that this user is a member of both teams now, and has `CreateorNoExport`. We cannot change this in Sigma as Okta is handling user management operations now.
+
+
](https://twitter.com/sigmacomputing)
+[
](https://www.linkedin.com/company/sigmacomputing)
+[
](https://www.facebook.com/sigmacomputing)
+
+
+
+
diff --git a/site/sigmaguides/src/security_sso_okta/assets/facebook.png b/site/sigmaguides/src/security_sso_okta/assets/facebook.png
new file mode 100644
index 00000000..fa3f0e02
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/facebook.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/greencheckbox.png b/site/sigmaguides/src/security_sso_okta/assets/greencheckbox.png
new file mode 100644
index 00000000..69cb876e
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/greencheckbox.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/horizonalline.png b/site/sigmaguides/src/security_sso_okta/assets/horizonalline.png
new file mode 100644
index 00000000..7c49d872
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/horizonalline.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/linkedin.png b/site/sigmaguides/src/security_sso_okta/assets/linkedin.png
new file mode 100644
index 00000000..d1a0636d
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/linkedin.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok1.png b/site/sigmaguides/src/security_sso_okta/assets/ok1.png
new file mode 100644
index 00000000..ce05c46d
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok1.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok10.png b/site/sigmaguides/src/security_sso_okta/assets/ok10.png
new file mode 100644
index 00000000..cd81735d
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok10.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok11.png b/site/sigmaguides/src/security_sso_okta/assets/ok11.png
new file mode 100644
index 00000000..d9fe4b71
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok11.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok13.png b/site/sigmaguides/src/security_sso_okta/assets/ok13.png
new file mode 100644
index 00000000..115ee253
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok13.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok14.png b/site/sigmaguides/src/security_sso_okta/assets/ok14.png
new file mode 100644
index 00000000..f6986c23
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok14.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok15.png b/site/sigmaguides/src/security_sso_okta/assets/ok15.png
new file mode 100644
index 00000000..4721d762
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok15.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok15a.png b/site/sigmaguides/src/security_sso_okta/assets/ok15a.png
new file mode 100644
index 00000000..50d176b8
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok15a.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok15b.png b/site/sigmaguides/src/security_sso_okta/assets/ok15b.png
new file mode 100644
index 00000000..646f8fa2
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok15b.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok15c.png b/site/sigmaguides/src/security_sso_okta/assets/ok15c.png
new file mode 100644
index 00000000..41c0b9ef
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok15c.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok15d.png b/site/sigmaguides/src/security_sso_okta/assets/ok15d.png
new file mode 100644
index 00000000..422d5dc8
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok15d.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok15e.png b/site/sigmaguides/src/security_sso_okta/assets/ok15e.png
new file mode 100644
index 00000000..c553c4e6
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok15e.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok15f.png b/site/sigmaguides/src/security_sso_okta/assets/ok15f.png
new file mode 100644
index 00000000..b6c625e0
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok15f.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok15g.png b/site/sigmaguides/src/security_sso_okta/assets/ok15g.png
new file mode 100644
index 00000000..da48c4ef
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok15g.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok15h.png b/site/sigmaguides/src/security_sso_okta/assets/ok15h.png
new file mode 100644
index 00000000..25e2c74b
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok15h.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok15i.png b/site/sigmaguides/src/security_sso_okta/assets/ok15i.png
new file mode 100644
index 00000000..f172054d
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok15i.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok16.png b/site/sigmaguides/src/security_sso_okta/assets/ok16.png
new file mode 100644
index 00000000..bfe357a9
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok16.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok17.png b/site/sigmaguides/src/security_sso_okta/assets/ok17.png
new file mode 100644
index 00000000..ce557cec
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok17.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok18.png b/site/sigmaguides/src/security_sso_okta/assets/ok18.png
new file mode 100644
index 00000000..7723cdad
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok18.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok19.png b/site/sigmaguides/src/security_sso_okta/assets/ok19.png
new file mode 100644
index 00000000..5a392117
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok19.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok2.png b/site/sigmaguides/src/security_sso_okta/assets/ok2.png
new file mode 100644
index 00000000..68dc3cdf
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok2.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok20.png b/site/sigmaguides/src/security_sso_okta/assets/ok20.png
new file mode 100644
index 00000000..8a0f2208
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok20.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok21.png b/site/sigmaguides/src/security_sso_okta/assets/ok21.png
new file mode 100644
index 00000000..d715b4d9
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok21.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok22.png b/site/sigmaguides/src/security_sso_okta/assets/ok22.png
new file mode 100644
index 00000000..e30c72b4
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok22.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok23.png b/site/sigmaguides/src/security_sso_okta/assets/ok23.png
new file mode 100644
index 00000000..800fba97
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok23.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok24.png b/site/sigmaguides/src/security_sso_okta/assets/ok24.png
new file mode 100644
index 00000000..002f058f
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok24.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok25.png b/site/sigmaguides/src/security_sso_okta/assets/ok25.png
new file mode 100644
index 00000000..3bdc0000
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok25.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok26.png b/site/sigmaguides/src/security_sso_okta/assets/ok26.png
new file mode 100644
index 00000000..b765376a
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok26.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok27.png b/site/sigmaguides/src/security_sso_okta/assets/ok27.png
new file mode 100644
index 00000000..85acac26
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok27.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok28.png b/site/sigmaguides/src/security_sso_okta/assets/ok28.png
new file mode 100644
index 00000000..01d94367
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok28.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok29.png b/site/sigmaguides/src/security_sso_okta/assets/ok29.png
new file mode 100644
index 00000000..527e8523
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok29.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok3.png b/site/sigmaguides/src/security_sso_okta/assets/ok3.png
new file mode 100644
index 00000000..197f9b88
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok3.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok30.png b/site/sigmaguides/src/security_sso_okta/assets/ok30.png
new file mode 100644
index 00000000..bd53611c
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok30.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok31.png b/site/sigmaguides/src/security_sso_okta/assets/ok31.png
new file mode 100644
index 00000000..1a7d584b
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok31.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok32.png b/site/sigmaguides/src/security_sso_okta/assets/ok32.png
new file mode 100644
index 00000000..80546f8e
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok32.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok33.png b/site/sigmaguides/src/security_sso_okta/assets/ok33.png
new file mode 100644
index 00000000..3c2d31b8
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok33.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok34.png b/site/sigmaguides/src/security_sso_okta/assets/ok34.png
new file mode 100644
index 00000000..4d97563f
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok34.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok35.png b/site/sigmaguides/src/security_sso_okta/assets/ok35.png
new file mode 100644
index 00000000..f530bc96
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok35.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok36.png b/site/sigmaguides/src/security_sso_okta/assets/ok36.png
new file mode 100644
index 00000000..832d3a39
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok36.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok37.png b/site/sigmaguides/src/security_sso_okta/assets/ok37.png
new file mode 100644
index 00000000..b06d380a
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok37.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok38.png b/site/sigmaguides/src/security_sso_okta/assets/ok38.png
new file mode 100644
index 00000000..97f12a54
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok38.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok39.png b/site/sigmaguides/src/security_sso_okta/assets/ok39.png
new file mode 100644
index 00000000..d03736a0
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok39.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok4.png b/site/sigmaguides/src/security_sso_okta/assets/ok4.png
new file mode 100644
index 00000000..4d4f4e38
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok4.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok40.png b/site/sigmaguides/src/security_sso_okta/assets/ok40.png
new file mode 100644
index 00000000..8df70633
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok40.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok41.png b/site/sigmaguides/src/security_sso_okta/assets/ok41.png
new file mode 100644
index 00000000..eb87f071
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok41.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok42.png b/site/sigmaguides/src/security_sso_okta/assets/ok42.png
new file mode 100644
index 00000000..d20752ec
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok42.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok43.png b/site/sigmaguides/src/security_sso_okta/assets/ok43.png
new file mode 100644
index 00000000..b327e67a
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok43.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok44.png b/site/sigmaguides/src/security_sso_okta/assets/ok44.png
new file mode 100644
index 00000000..cdcee08e
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok44.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok45.png b/site/sigmaguides/src/security_sso_okta/assets/ok45.png
new file mode 100644
index 00000000..ce9d4a1f
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok45.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok46.png b/site/sigmaguides/src/security_sso_okta/assets/ok46.png
new file mode 100644
index 00000000..5ae5c8a7
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok46.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok47.png b/site/sigmaguides/src/security_sso_okta/assets/ok47.png
new file mode 100644
index 00000000..68282ac8
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok47.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok48.png b/site/sigmaguides/src/security_sso_okta/assets/ok48.png
new file mode 100644
index 00000000..2eaea94a
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok48.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok49.png b/site/sigmaguides/src/security_sso_okta/assets/ok49.png
new file mode 100644
index 00000000..f8c35572
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok49.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok5.png b/site/sigmaguides/src/security_sso_okta/assets/ok5.png
new file mode 100644
index 00000000..23fd5253
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok5.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok50.png b/site/sigmaguides/src/security_sso_okta/assets/ok50.png
new file mode 100644
index 00000000..f1942baf
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok50.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok51.png b/site/sigmaguides/src/security_sso_okta/assets/ok51.png
new file mode 100644
index 00000000..070b1e67
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok51.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok53.png b/site/sigmaguides/src/security_sso_okta/assets/ok53.png
new file mode 100644
index 00000000..34202232
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok53.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok54.png b/site/sigmaguides/src/security_sso_okta/assets/ok54.png
new file mode 100644
index 00000000..3a56e372
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok54.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok56.png b/site/sigmaguides/src/security_sso_okta/assets/ok56.png
new file mode 100644
index 00000000..a0b8dc35
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok56.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok57.png b/site/sigmaguides/src/security_sso_okta/assets/ok57.png
new file mode 100644
index 00000000..3384866d
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok57.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok57b.png b/site/sigmaguides/src/security_sso_okta/assets/ok57b.png
new file mode 100644
index 00000000..006dd0de
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok57b.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok57b1.png b/site/sigmaguides/src/security_sso_okta/assets/ok57b1.png
new file mode 100644
index 00000000..cdac46ce
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok57b1.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok6.png b/site/sigmaguides/src/security_sso_okta/assets/ok6.png
new file mode 100644
index 00000000..0575911b
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok6.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok60.png b/site/sigmaguides/src/security_sso_okta/assets/ok60.png
new file mode 100644
index 00000000..e63feb9c
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok60.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok61.png b/site/sigmaguides/src/security_sso_okta/assets/ok61.png
new file mode 100644
index 00000000..49d730cf
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok61.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok61b.png b/site/sigmaguides/src/security_sso_okta/assets/ok61b.png
new file mode 100644
index 00000000..d204f4a7
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok61b.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok62.png b/site/sigmaguides/src/security_sso_okta/assets/ok62.png
new file mode 100644
index 00000000..cab0d12e
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok62.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok63.png b/site/sigmaguides/src/security_sso_okta/assets/ok63.png
new file mode 100644
index 00000000..ad970da0
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok63.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok64.png b/site/sigmaguides/src/security_sso_okta/assets/ok64.png
new file mode 100644
index 00000000..7905cb4a
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok64.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok65.png b/site/sigmaguides/src/security_sso_okta/assets/ok65.png
new file mode 100644
index 00000000..0a7fad85
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok65.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok66.png b/site/sigmaguides/src/security_sso_okta/assets/ok66.png
new file mode 100644
index 00000000..a84f8f5e
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok66.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok67.png b/site/sigmaguides/src/security_sso_okta/assets/ok67.png
new file mode 100644
index 00000000..62a2e6cc
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok67.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok68.png b/site/sigmaguides/src/security_sso_okta/assets/ok68.png
new file mode 100644
index 00000000..bcb16fea
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok68.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok69.png b/site/sigmaguides/src/security_sso_okta/assets/ok69.png
new file mode 100644
index 00000000..6fea92a9
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok69.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok7.png b/site/sigmaguides/src/security_sso_okta/assets/ok7.png
new file mode 100644
index 00000000..a8ee26c5
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok7.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok70.png b/site/sigmaguides/src/security_sso_okta/assets/ok70.png
new file mode 100644
index 00000000..b5c09768
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok70.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok71.png b/site/sigmaguides/src/security_sso_okta/assets/ok71.png
new file mode 100644
index 00000000..648915e6
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok71.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok72.png b/site/sigmaguides/src/security_sso_okta/assets/ok72.png
new file mode 100644
index 00000000..f873ae5c
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok72.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok73.png b/site/sigmaguides/src/security_sso_okta/assets/ok73.png
new file mode 100644
index 00000000..1f1d1a6a
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok73.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok74.png b/site/sigmaguides/src/security_sso_okta/assets/ok74.png
new file mode 100644
index 00000000..471556a8
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok74.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok75.png b/site/sigmaguides/src/security_sso_okta/assets/ok75.png
new file mode 100644
index 00000000..4f29ec12
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok75.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok76.png b/site/sigmaguides/src/security_sso_okta/assets/ok76.png
new file mode 100644
index 00000000..6d3af4cb
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok76.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok77.png b/site/sigmaguides/src/security_sso_okta/assets/ok77.png
new file mode 100644
index 00000000..f36c72fd
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok77.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok78.png b/site/sigmaguides/src/security_sso_okta/assets/ok78.png
new file mode 100644
index 00000000..f2673501
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok78.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok79.png b/site/sigmaguides/src/security_sso_okta/assets/ok79.png
new file mode 100644
index 00000000..4c61ce6b
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok79.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok8.png b/site/sigmaguides/src/security_sso_okta/assets/ok8.png
new file mode 100644
index 00000000..cc1deaf6
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok8.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok80.png b/site/sigmaguides/src/security_sso_okta/assets/ok80.png
new file mode 100644
index 00000000..3f31ba3b
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok80.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok81.png b/site/sigmaguides/src/security_sso_okta/assets/ok81.png
new file mode 100644
index 00000000..deb71081
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok81.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok82.png b/site/sigmaguides/src/security_sso_okta/assets/ok82.png
new file mode 100644
index 00000000..e0cdcaae
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok82.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok83.png b/site/sigmaguides/src/security_sso_okta/assets/ok83.png
new file mode 100644
index 00000000..c2877be4
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok83.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/ok9.png b/site/sigmaguides/src/security_sso_okta/assets/ok9.png
new file mode 100644
index 00000000..768dd607
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/ok9.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/sigma_footer.png b/site/sigmaguides/src/security_sso_okta/assets/sigma_footer.png
new file mode 100644
index 00000000..df51d771
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/sigma_footer.png differ
diff --git a/site/sigmaguides/src/security_sso_okta/assets/twitter.png b/site/sigmaguides/src/security_sso_okta/assets/twitter.png
new file mode 100644
index 00000000..5a827d72
Binary files /dev/null and b/site/sigmaguides/src/security_sso_okta/assets/twitter.png differ