Skip to main content

Okta

Rich Hubbard

AptEdge supports Single Sign-On (SSO) with Okta using the OpenID Connect (OIDC) and OAuth 2.0 protocols. This allows you to create a privately controlled OIDC application within your Okta tenant to manage authentication for your team.

Create a Private OIDC Application in Okta

You will need to generate a new application integration in your Okta Admin Dashboard to facilitate the connection.

  1. Log in to your Okta Admin Dashboard.

  2. Navigate to Applications > Applications in the sidebar.

  3. Click Create App Integration.

  4. Select OIDC - OpenID Connect as the Sign-in method and Web Application as the Application type. Click Next.

  5. App Integration Name: Enter "AptEdge" (or your preferred name).

  6. Sign-in Redirect URI: Enter your specific AptEdge domain in this format: https://<your-aptedge-domain>.aptedge.io/global-oauth/okta

  7. Sign-out Redirect URI: Remove the default entry by clicking the X icon next to the input box.

  8. Assignments: * If you want everyone in your Okta tenant to have access immediately, you can leave Federation Broker Mode enabled (under Assignments).

    • If you prefer to limit access to specific groups, select "Skip group assignment for now".

  9. Click Save.

2. Retrieve Credentials for AptEdge

Once the app is saved, Okta will provide the credentials needed to link the two platforms.

  1. Stay on the application page and locate the Client ID and Client Secret. Copy these for later use.

  2. Find your Okta Domain: * Look at your browser's address bar.

    • If your admin URL is https://dev-12345-admin.okta.com, your Base Domain is dev-12345.okta.com (simply remove the -admin portion).

    • Note: If you use a custom domain like sso.yourcompany.com, use that instead.

3. Configure Settings in AptEdge

  1. Log in to AptEdge as an Administrator and go to Settings.

  2. Under the Integrations tab, find Okta within the Authentication section and click Connect.

  3. Okta Account Domain: Enter the Base Domain retrieved in the previous step (e.g., dev-12345.okta.com).

  4. Client ID & Secret: Paste the values copied from your Okta app settings.

  5. Click Authorize.

  6. The connection is successful when the icon changes to a green checkmark.

  7. Verification: Sign out of AptEdge. You should now see a "Continue with Okta" button on your login screen.

4. Manage User Access (Optional)

If you did not enable Federation Broker Mode during setup, you must manually assign the app to your users.

  • To Restrict Access: 1. In Okta, go to the AptEdge App and select the Assignments tab. 2. Assign the application to specific individuals or security groups.

  • Security Best Practice: Microsoft and Okta both recommend using Groups for assignments. This makes it easier to offboard users or change permissions in bulk without editing the individual application settings.

Related articles

Comments

0 comments

Article is closed for comments.

Powered by Zendesk