Okta SSO Integration

05/2022 - rev 2

Overview

Oort’s platform can leverage your Okta instance for authentication into the Oort console. This allows you you fully manage administrator and read-only access to the Oort Dashboard. Okta integration with Oort is set up using OpenID Connect (OIDC.)

Goal

The goal of this document is to serve as a guide to set up authentication with your Okta.

Audience

This document is meant for the CISO to share with their teams to set up the integration with Okta for SSO integration.

Note - Collaboration with the Oort Customer Success team is required to complete the SSO integration via the exchange of Okta client secret.

screenshot 2022 05 02 151219

Okta Integration

Okta SSO integration will be set up with an OpenID Connect style application. The application will be configured in Okta and then assigned to users in the Okta directory.

Permission requirements for setting up Oort Dashboard SSO integration with Okta

To add the necessary configuration in Okta, you need to be one of the following:

Super Administrator
Organization Administrator
Application Administrator

Setup Steps

There are 3 steps you need to go through to set up your SSO auth between Okta and Oort.

Add application in Okta
Provide ClientID and Client Secret to Oort
Assign application to users

Add Application to Okta

Create App integration.

Go to Applications...Applications
- Click on Create App Integration.

screenshot 2022 05 02 151515

Please fill in the new app integration wizard as follows:
1. Sign-in Method - OIDC - OpenID Connect
2. Application Type - Web Application
3. Click next
On the New Web App Integration page, complete the following:

- App integration name = Oort Dashboard (or desired app name)
- Grant type = Authorization Code
- Sign-in redirect URIs = https://login.stage.oort.io/login/callback
- Sign-out redirect URIs = https://oort.io
Assignments
- Limit access to selected groups (if you would like to select a group)
- Skip group assignment for now (if you would like to assign access later on)

Provide ClientID and Client Secret to Oort

Next, you will provide the Client ID and Client secret to Oort.

You will now be on the configured application screen. On this screen, you will provide the Client ID and Client secret to Oort for setup in Oort’s backend.

Client ID
Client secret

screenshot 2022 05 02 155649

Assign application to users

If you did not assign the Oort Dashboard app to users during the app setup process, please assign the Oort Dashboard app to the appropriate users.

Assign app to user:

Go to Directory...People
Click on Username that you would like to assign the app to
Click on Assign Applications
Select the Oort Dashboard and click Done