Okta
Use Okta as your Identity Provider.
Create OAuth Client
Note: The instructions in this section are only needed when Okta is used for authentication of the Atolio web application.
- Navigate to Applications in the Okta admin console (
https://example.okta.com/admin/apps/active
). - Click “Create App Integration”.
- Select “OIDC - OpenID Connect” from the list of Sign-in methods.
- Select “Web Application” from the list of Application types and hit “Next” to create the app.
- (Optional) Edit the name and provide the Atolio logo for the app.
- Under “Grant type” –> “Client acting on behalf of a user”, ensure that “Authorization Code” is enabled.
- Under “Sign-in redirect URIs”, add the URL
https://search.example.com/auth/_callback
(note this is identical for Google). - Under “Sign-out redirect URIs”, remove the default
http://localhost:8080
URI. - Under “Assignments”, choose who should have access to the Atolio app. This setting can be modified later. If you choose to “Skip group assignment for now”, remember to add yourself to the Assignments list in order to be able to sign-in.
- Click “Save”.
- Under “Client Credentials”, copy the “Client ID” & “Client Secret” and save them for later.
Setup Okta Connector
Once your Atolio infrastructure has been deployed, you will also need to setup the Okta Connector to enable users and user mappings using an API token.