Configure Okta as SSO
On Okta side, you'll have to create a new application:
- Step 1: Create an OpenID Connect web application
- Step 2: Configure the callback URI
The redirect URI must be like:
http(s)://<Console host>:<Console port>/oauth/callback/<OAuth2 config name>.
For example, if you deployed Console locally using the name
okta in your configuration file, you can use
http://localhost:8080/oauth/callback/okta, like on the screenshot below.
- Step 3: Configure app assignments, and save changes
- Step 4: Get
client secret, that you'll use in the configuration file of Console
- Step 5: Find the
issuer URLin the Sign On tab of your application. It's made like
You can find the .well-known at:
On Console side, you can add the snippet below to your configuration file. You have to replace the
client secret, and
domain, by what you got during the steps 4 and 5.
- name: "okta"
client-id: "<client ID>"
client-secret: "<client secret>"
Or using environment variables: