Authentication

This page explains how to set up SSO authentication using an Okta integration. The steps for configuring OIDC authentication with a different provider will be similar.

You can configure the Secberus platform for single sign-on through Okta. Here are the steps.

  1. Log in to your Okta account
  2. Select the Applications page
  3. Click Create App Integration
  4. Select OIDC - OpenID Connect as the Sign-in method
  5. In Application type, select Web Application
  6. Click Next
  7. Configure Application:
    1. Name your application anything you like, e.g. Secberus
    2. Ensure that Authorization Code and Refresh Token code grants are checked
    3. In Sign-in redirect URIs, provide the following URIs:
      1. https://sso.secberus.io/oauth2/idpresponse
      2. https://app.secberus.io/auth/callback
    4. In Sign-out redirect URIs, provide the following URI:
      1. https://app.secberus.io
    5. Assign group access to the groups you want to be able to sign into Secberus using your app integration.
    6. Click Save.
  8. You will be provided a Client ID and a Client Secret. Be sure to save these values somewhere safe since you will need to provide this information when you add your provider in Secberus. This will be the only time the Client Secret will be shown.
  9. You will also need to provide Secberus the issuer_url. In your Okta application, within the Sign-on tab, under OpenID Connect ID Token, ensure that the Issuer is set to Okta URL (https://example-12345.okta.com).
  10. Finally, update the app's API Scopes to grant:
    1. sessions.read,
    2. users.read, and
    3. users.read.self
  11. In the Secberus dashboard, add your SSO provider in the Manage account admin panel > Authentication screen. Provide:
    • Provider name, e.g. okta
    • Domain - users who sign in to app.secberus.io with the provided domain will be redirected to your SSO provider
    • Provider Type: OpenID Connect (OIDC)
    • Client ID, Client Secret, and Issuer URL from steps 8 and 9.
    • Attribute mappings. Some claims are mandatory for sign-in. For OIDC, the usual values in the claims are listed below. If these are configured differently in your SSO provider, please provide those values instead.
      • First Name: given_name
      • Last Name: family_name
      • Email: email

Your Okta integration configuration is now complete.
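
A pre-flight check for the values entered in the Authentication screen, as an added example that is not part of the Secberus or Okta documentation: it decodes an ID token captured from a test sign-in and compares it with the Issuer URL, Client ID, Domain and attribute mappings above. The function names, the sample token and the email-domain comparison are assumptions made for illustration, and the signature is not verified, so this is for inspection only.

```python
import base64
import json

# Default claim names listed on this page under "Attribute mappings".
DEFAULT_MAPPINGS = {"First Name": "given_name", "Last Name": "family_name", "Email": "email"}


def decode_payload(id_token):
    """Decode the JWT payload segment. No signature check: inspection only."""
    try:
        segment = id_token.split(".")[1]
        padded = segment + "=" * (-len(segment) % 4)
        return json.loads(base64.urlsafe_b64decode(padded))
    except (IndexError, ValueError) as exc:
        raise ValueError("not a JWT-shaped token") from exc


def preflight(id_token, issuer_url, client_id, domain, mappings=DEFAULT_MAPPINGS):
    """Return a list of mismatches between the token and the configured values."""
    claims = decode_payload(id_token)
    problems = []
    # OIDC compares the issuer as an exact string, so a trailing slash counts.
    if claims.get("iss") != issuer_url:
        problems.append(f"iss {claims.get('iss')!r} != Issuer URL {issuer_url!r}")
    aud = claims.get("aud")
    if client_id not in (aud if isinstance(aud, list) else [aud]):
        problems.append(f"aud {aud!r} does not contain the Client ID")
    for field, claim in mappings.items():
        value = claims.get(claim)
        if not isinstance(value, str) or not value.strip():
            problems.append(f"{field}: claim {claim!r} missing or empty")
    # Assumption: the account's email should fall inside the routed Domain.
    email = claims.get("email")
    if isinstance(email, str) and email.rpartition("@")[2].lower() != domain.lower():
        problems.append(f"email domain does not match Domain {domain!r}")
    return problems


def make_sample_token(claims):
    """Build an unsigned, JWT-shaped string from constructed claims (sample data)."""
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256', 'typ': 'JWT'})}.{enc(claims)}.constructed-signature"


if __name__ == "__main__":
    sample = make_sample_token({  # constructed: trailing slash, no family_name
        "iss": "https://example-12345.okta.com/", "aud": "constructed-client-id",
        "email": "ana@example.com", "given_name": "Ana"})
    for problem in preflight(sample, "https://example-12345.okta.com",
                             "constructed-client-id", "example.com"):
        print("FAIL:", problem)
```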