Skip to main content

How do I set up SSO with Okta?

This guide details how to configure Okta to enable your users to log in using their SSO account.

Updated this week

Prerequisites

  1. You have an existing Okta account for your organisation, with the appropriate permissions to create new integrations.
    (Your can create a free developer account for testing if required)

  2. You have a System Administrator account on your EdgeVis Server.


Setup steps

Okta has many different options, and there may be different settings or ways to configure the integration that may increase or decrease the security of your system.

The following steps are an illustration of how you could perform an integration, and we recommend reviewing all relevant documentation to ensure your setup meets your own company's security policies:

  1. Log into Okta with the admin credentials.

  2. Select Applications from the sidebar then “Create App Integration”:


  3. Select Sign-in method OIDC - OpenID Connect.

  4. Select Application type: Web Application.

  5. Enter a suitable App integration name.

  6. Set the Sign-in redirect URIs to
    https://[Your server's external IP]:9443/ssoCallback,

    (e.g. https://www.mycompany.com:9443/ssoCallback)

    You should also change the 9443 port number to reflect your server's external web server port if you've remapped it!

    How do I find out my server's external IP?

  7. Remove the example Sign-out redirect URIs.

  8. Under Assignments, you can set your permissions to limit who is allowed to access EdgeVis Server. This is one of two places you can restrict access - no one can access EdgeVis Server without creating the appropriate user account within EdgeVis Server.

    The simple approach is to select Allow everyone in your organization to access and then create user accounts within EdgeVis Server to control who can log in.

  9. Save the form. This will take you to the status page for your new integration - keep this page open, as you'll need the information in later steps.

  10. In another web browser/tab log into EdgeVis Server with a System Administrator account.

  11. From the home page, select All server settings -> User Settings -> Single sign-on. This will take you the settings pages for SSO - click the Edit the single sign-on settings for the server button.

  12. Check Enable single sign-on.

  13. From the Okta web page you need to copy the following information and paste it into your EdgeVis Server settings page for the following settings:

    1. Open ID Connect Configuration Url
      In Okta, click your name at the top-right of the page - this will bring up a small popup. The second item listed will be a domain name (e.g. dev-95613624.okta.com). Use the Copy to clipboard icon, then in EdgeVis Server, enter https:// and then paste the URL.

    2. Open ID Connect Client ID
      In Okta, on the General tab for your integration, use the Copy to clipboard icon at the end of the Client ID section and paste this into EdgeVis Server:

    3. Open ID Connect Client Secret
      In Okta, under the CLIENT SECRETS section, click the Copy to clipboard icon at the end of the existing secret, and paste this into EdgeVis Server:

  14. Once you have entered all three settings, you should hit the test link to confirm you have entered the correct settings:

  15. If the test is successful, click Submit to save your settings - your server is now ready for single sign-on users!

Next steps

You can now:

Did this answer your question?