Skip to content

Commit d079cde

Browse files
t-aleksandert-aleksander
committed
okta docs 2
1 parent 488d7ed commit d079cde

File tree

1 file changed

+25
-1
lines changed
  • enterprise/all-enteprise-features/external-openid-providers

1 file changed

+25
-1
lines changed

enterprise/all-enteprise-features/external-openid-providers/okta.md

Lines changed: 25 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,26 @@
1-
# Okta
1+
1. First, navigate in your Okta dashboard to "Applications" and create a new app integration here:
2+
3+
<figure><img src="../../../.gitbook/assets/image-1.png" alt=""><figcaption></figcaption></figure>
4+
5+
2. Next, select following options like so:
6+
7+
<figure><img src="../../../.gitbook/assets/image-2.png" alt=""><figcaption></figcaption></figure>
8+
9+
3. On the next page, configure the application. Make sure to set the correct Sign-in URIs, those will take the form of `<DEFGUARD_DASHBOARD_URL>/auth/callback` (dashboard login) and `<DEFGUARD_ENROLLMENT_URL>/openid/callback` (if you want to perform new user enrollment using Okta). Replace `<DEFGUARD_DASHBOARD_URL>` and `<DEFGUARD_ENROLLMENT_URL>` with the URLs of your Defguard dashboard and enrollment page (proxy) accordingly. If you access your Defguard dashboard at e.g. `https://defguard.example.net` your redirect URI will be `https://defguard.example.net/auth/callback`.
10+
11+
12+
<figure><img src="../../../.gitbook/assets/image-6.png" alt=""><figcaption></figcaption></figure>
13+
14+
4. Next, select the assignment according to your needs, we will select the option that allows every directory member to login:
15+
16+
<figure><img src="../../../.gitbook/assets/image-4.png" alt=""><figcaption></figcaption></figure>
17+
18+
5. Now, copy your client ID and secret, as you will need to paste it in your Defguard's settings.
19+
20+
<figure><img src="../../../.gitbook/assets/image-7.png" alt=""><figcaption></figcaption></figure>
21+
22+
6. Go to your Defguard settings, and fill all the required information, pasting the Client ID and Client secret from Okta:
23+
<figure><img src="../../../.gitbook/assets/image-10.png" alt=""><figcaption></figcaption></figure>
24+
25+
The base URL will be based on your Okta domain. In the case of this example, the `-admin` part of the URL had to be additionally removed. To additionally verify if your Base URL is correct, you can navigate to `<YOUR_OKTA_DOMAIN>/.well-known/openid-configuration`. The issuer field here should be the same as the Base URL.
226

0 commit comments

Comments
 (0)