Configuring Okta Single Sign-On with OpenID Connect

Okta is an identity and access management platform. Its SSO solution allows users to log into a variety of systems using one centralized process.

Configuring Okta

Log in to your Okta account and navigate to the Admin dashboard.

From the Applications menu on the left, select Applications.

The Applications page is displayed. Click the Add Application button.



Click Create New App on the page that appears. The Create a New Application Integration dialog is displayed.

In the Sign on method field, select OIDC and click Create. The Create OIDC Integration window is displayed and opens at the General Settings tab.



In the Application name field, enter Noticeable. As Login redirect URIs, specify https://auth.noticeable.io/__/auth/handler. Then, click Save. The general settings for the new application you have created are shown.

Locate the Client Credentials and General Settings boxes. Copy the values of the Client ID and Okta domain fields. We'll refer to these values as your Okta Client ID and Okta domain, respectively, when configuring the integration on the Noticeable dashboard later in this guide.



In General Settings, click Edit.

For Allowed Grant Types, check the boxes Implicit (Hybrid) and Allow ID Token with implicit grant type. Validate the changes with the Save button at the bottom of the box.



Click on Assignments in the tab bar. Then, use the Assign dropdown button to add the people or groups of people who will be allowed to connect to Noticeable via Okta.



Configuring Noticeable

At this stage, you should have an application dedicated to Noticeable configured on Okta. The integration with Noticeable works in 2 steps. First, you need to create a connection. Second, you have to link the company domain that users use in their email address to sign in.

Creating a connection

Open the Noticeable dashboard.

From the left menu, click on Integrations. A page that lists available integrations appears.

Locate the Single Sign-On integration and click on Configure. The configuration page is displayed.

Click the Add New button on the top right side, then Connection in the dropdown that appears. A form to configure a new connection is shown.

Enter a name in the first input field, for instance Okta.

As connection type, select OIDC.

As Client ID, enter the Okta client ID value you copied while applying the Okta configuration steps.

The Issuer URL value to use should be your Okta domain with the prefix https:// prepended and the suffix /oauth2/default appended. For instance, if your Okta domain is acme.okta.com, then you should use https://acme.okta.com/oauth2/default.

You can find the exact value on the Okta dashboard. Select Security, then API. Under Authorization Servers, identify the authorization server to use and copy the value shown for Issuer URI.



Select what action to perform Upon Account Creation. By default, when a user from your organization signs in for the first time, an account is automatically created on Noticeable, but the user is only assigned as a member of your Noticeable organization. No project access is given. The Upon Account Creation option lets you give new users access to existing projects without having to send invitations manually for each project under your organization.



Click Create. Your connection is created!

Noticeable supports multiple connections so that if you need to switch between 2 Identity Providers, you can do it without any interruptions.
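
To sanity-check the Issuer URL entered in the connection form above, the following added example (not code from Noticeable or Okta) builds the URL from the Okta domain and checks an OpenID Connect discovery document against it. The function names are hypothetical, the metadata is a constructed sample for the acme.okta.com example domain, and the /.well-known/openid-configuration path comes from the OpenID Connect Discovery specification.

```python
import json
from urllib.parse import urlsplit

def issuer_from_okta_domain(okta_domain, auth_server="default"):
    """Build the Issuer URL: https:// + Okta domain + /oauth2/<server>."""
    domain = okta_domain.strip()
    if "://" in domain:  # tolerate a pasted URL instead of a bare host name
        parts = urlsplit(domain)
        if parts.scheme != "https":
            raise ValueError("the issuer must use https")
        domain = parts.netloc
    domain = domain.rstrip("/").lower()
    if not domain or "/" in domain or "@" in domain:
        raise ValueError(f"not a bare host name: {okta_domain!r}")
    return f"https://{domain}/oauth2/{auth_server}"

def discovery_url(issuer):
    """Metadata location defined by OpenID Connect Discovery."""
    return issuer.rstrip("/") + "/.well-known/openid-configuration"

def check_discovery(issuer, metadata):
    """Return a list of problems; an empty list means the metadata fits."""
    problems = []
    # The advertised issuer must be identical to the configured one,
    # character for character (a trailing slash already counts as a mismatch).
    if metadata.get("issuer") != issuer:
        problems.append(f"issuer mismatch: {metadata.get('issuer')!r}")
    # The Okta app was set up for the implicit grant with an ID token.
    if "id_token" not in metadata.get("response_types_supported", []):
        problems.append("response type 'id_token' is not advertised")
    if urlsplit(metadata.get("jwks_uri", "")).scheme != "https":
        problems.append("jwks_uri is missing or not https")
    return problems

# Constructed sample, trimmed to the fields checked here; a real document
# would be fetched from discovery_url(issuer).
SAMPLE_METADATA = json.loads("""{
  "issuer": "https://acme.okta.com/oauth2/default",
  "jwks_uri": "https://acme.okta.com/oauth2/default/v1/keys",
  "response_types_supported": ["code", "id_token", "code id_token"]
}""")

if __name__ == "__main__":
    issuer = issuer_from_okta_domain("acme.okta.com")
    print(discovery_url(issuer))
    print(check_discovery(issuer, SAMPLE_METADATA) or "metadata matches")
```

An issuer mismatch reported here usually means the wrong authorization server was copied or a trailing slash was added to the Issuer URL.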

Creating and linking a domain

The last configuration step consists of linking your company domain (the one users sign in with) with the connection created in the previous section.

Click the Add New button on the top right side, then Domain in the dropdown that appears. A dialog to link a new domain is shown.

In the Domain name field, enter your company domain, for example acme.com. The domain to specify is the domain users will use in their email address in order to sign in.

In the Link with connection dropdown, select the connection to link this domain with. If you followed the steps, the connection should be named Okta.



Click Link. A new dialog appears. It asks you to set up a TXT DNS record to prove that you own the domain.



Complete the DNS configuration and click Verify.

That's it. Your domain is verified and linked. You can use SSO to sign in to Noticeable 🎉

Read our SCIM configuration guide if you need to support deactivation/reactivation.