Okta Integration Network SSO Instructions

01/2023 - rev 1

Overview

You can enable SSO from your organization's Okta instance to your Oort tenant by installing the Oort Identity Security App from the Okta App Catalog.

Supported Features

  • Service Provider (SP) - Initiated Authentication Flow - When a user is logging in from the Oort platform.
  • Identity Provider (IDP) - Initiated Authentication Flow - When a user is initiating login to the Oort platform from Okta's "My Apps" page.

Requirements

To configure Oort SSO through Okta, you will need:

  • Admin Access to an Okta tenant

Configuration Steps

Configuring Okta as the identity provider for Oort will redirect users logging in to your Oort tenant to an Okta logic screen. After authentication, the users will be redirected back to the Oort platform. You will also be able to add an "Oort" button to your users' "My Apps" page in Okta.

Add the Oort App to Okta

Login to your organization’s Okta tenant.

  1. Navigate to the Admin console.
  2. Navigate to Applications > Applications > Browse App Catalog. Search for Oort Identity Security, and then click Add.
  3. Enter an Application Label in General Tab.
    Note - This is the name under which the Oort Identity Security app will appear in your Okta dashboard.
  4. Click Done.
  5. Go to the Sign On tab of the Oort Identity Security App
  6. Copy the Client ID and Client Secret.

Note: The Client ID is a public identifier for the client that is required for all OAuth/OIDC flows. The Client Secret is a private identifier which you should not share or broadly distribute.

Assign users to the Oort Identity Security App

Assign users (ideally through groups) to the Oort Identity Security App:

  1. Go to Applications > Oort Identity Security > Assign and then assigning to either the target people or group.

Send the Client ID and Client Secret to Oort Support

If you are not already communicating directly with a member of the Oort Customer Success or Support team, please reach out to support@oort.io to securely transfer the Client ID and Client Secret via a means of secure communication of your choice.