Okta SSO
This page describes how to set up your Okta SSO for RegScale.
Prerequisites
Before you start, ensure that you have admin access to both RegScale and Okta.
Steps:
- Log in to your Okta account: Open your Okta account, and log in as an administrator.
- Create an Okta application:
- Go to
Applications > Add Application
- Click
Create New App
, selectSingle Page Apps
as the platform, thenOpenID Connect
as the Sign-on method, and then clickCreate
.
- Go to
- Fill in the Application name, and optionally upload a
logo
. - Set up the Okta application:
- Under the General Settings, you will need to add the
Redirect URIs
. The Redirect URI should match the one you have in your RegScale settings.
For example, if your RegScale application is hosted at https://yourapp.regscale.io, your Redirect URI might be https://yourapp.regscale.io/login. - Under Allowed grant types, ensure
Authorization Code
andRefresh Token
are selected.
ClickSave
. - Retrieve your Client ID, Client Secret and Authority:
- After saving, Okta will direct you to the General tab of your application. Here you will find the
Client ID
andClient Secret
:
Your Authority URL will be your Okta domain or your Okta domain followed by /oauth2/default. For example, https://dev-123456.okta.com/ or https://dev-123456.okta.com/oauth2/default depending on the configuration of Okta. (See https://developer.okta.com/docs/reference/api/oidc/#well-known-openid-configuration)
- After saving, Okta will direct you to the General tab of your application. Here you will find the
- Set up RegScale:
- Log in to your RegScale application as an administrator
- Navigate to your OAuth settings
- Input your Client ID, Authority that you gathered from Okta and Redirect URL for RegScale.
Save your changes.
- Under the General Settings, you will need to add the
- Test your setup:
Attempt to log in to your RegScale application via Okta to ensure everything is working as expected
This is a high-level overview, and your setup might need additional steps depending on the specifics of your system and security needs. Always ensure you adhere to best practices when dealing with authentication and user data.
Updated about 1 year ago