Okta

Information you need to send us (Issuer URI, Authorize URL & Client ID)

  • Open Okta Admin Console, go to Security > API.
  • Note down the Issuer URI.
  • Now go to Security > Identity Providers. Click on the default identity provider and note down the Authorize URL.
  • Share both details with Protrak Team.

Create App

  • In the Admin Console, go to Applications > Applications.

  • Click Create App Integration.

  • To create an OIDC app integration, select OIDC - OpenID Connect as the Sign-in method.

  • Choose Single-Page Application as the type of app.

  • Click Next.

Configure General Settings:

  • Enter a name for the app or keep it as is (can be changed later).

  • Add Logo (Optional).

  • Grant type: Select Authorization Code & Refresh Token. Also expand Advanced and select Implicit (hybrid).

  • In Sign-In redirect URIs, edit the URI to "https://app.protrak.io/okta/callback" and add one more URI, which Protrak Team provides. Sample URI: "https://app.protrak.io/okta?issuer=https://xxxx.okta.com/oauth2/default&tenantId=xxx-xxx-xxxx-xxx". Set the Sign-out redirect URI to "https://app.protrak.io".

  • Scroll down to the Assignments section and select Skip group assignment for now.

  • Click Save.

  • Once the app is created, copy the Client ID and share it with Protrak Team.

  • Click on the Edit button.

  • Scroll down to the LOGIN section and change Login Initiated By from App Only to Either Okta or App.

  • Application Visibility: Select the checkbox so users can see your app tile in the Okta app dashboard.

  • In Login Flow, select Send ID Token directly to app (Okta Simplified) and select the scopes below. [screenshot]

  • Click Save.

  • Click on the Assignments tab.

  • Click on Assign > Assign to Groups.

  • Assign the app to the groups that should have access to it. Once assigned, click Done.

  • From the left main menu, select Security > API.

  • Select the default Authorization Server and select the Access Policies tab.

  • Click Add Policy and add the details below. [screenshot] In Assign to, search for the app you created in the steps above and select it. Click Create Policy.

  • Add a rule in the created policy.

  • Add a rule name.

  • Make sure to select Grant types as below [screenshot] and click Create Rule.

  • From the left main menu, go to Applications. Click on Browse App Catalog.

  • Search for Bookmark App.

  • Selecting the app takes you to the screen below. [screenshot]

  • Click on Add Integration.

  • Add Application label.

  • In URL, add the URL provided by Protrak Team. Sample URL: "https://xxxx.okta.com/oauth2/xxxx/v1/authorize?idp=xxxxxxxx&client_id=xxxxxxxx&response_type=id_token&response_mode=fragment&scope=openid%20email&redirect_uri=xxxxxxxxx&state=xxxx&nonce=xxxxx"

  • Click on Save.

  • Click on the Assignments tab in the created bookmark app.

  • Assign the app to people or groups, the same as in steps 14 & 15.

  • Once the Okta configuration is done, log in to the Protrak app with an admin user. Go to Tenant Settings > SSO Settings.

  • Select the instance with Identity Provider Okta. And add details like Name,
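
The bookmark URL repeats values configured in the earlier steps (Issuer URI, Client ID, Sign-In redirect URI, response type, scopes), so a mismatch only shows up as a failed login. The Python check below is an added example, not Protrak or Okta code; the host name and IDs are constructed placeholders, and it assumes the authorize endpoint is the Issuer URI followed by /v1/authorize, as in the sample URL.

```python
from urllib.parse import urlsplit, parse_qs

def check_bookmark_url(url, issuer, client_id, redirect_uris):
    """Return a list of problems in an Okta bookmark authorize URL (empty = OK)."""
    problems = []
    parts = urlsplit(url)
    query = parse_qs(parts.query, keep_blank_values=True)

    def single(name):
        # Duplicate or empty parameters are rejected rather than guessed at.
        values = query.get(name, [])
        if len(values) != 1 or not values[0]:
            problems.append(f"{name}: need exactly one non-empty value")
            return None
        return values[0]

    # Assumption: the authorize endpoint is <issuer>/v1/authorize.
    endpoint = issuer.rstrip("/") + "/v1/authorize"
    if f"{parts.scheme}://{parts.netloc}{parts.path}" != endpoint:
        problems.append(f"endpoint is not {endpoint}")

    expected = {"client_id": client_id, "response_type": "id_token",
                "response_mode": "fragment"}
    for name, want in expected.items():
        got = single(name)
        if got is not None and got != want:
            problems.append(f"{name}: got {got!r}, expected {want!r}")

    scope = single("scope")
    if scope is not None and "openid" not in scope.split():
        problems.append("scope: 'openid' is missing")

    # Exact string match against the app's Sign-In redirect URIs.
    redirect = single("redirect_uri")
    if redirect is not None and redirect not in redirect_uris:
        problems.append(f"redirect_uri: {redirect!r} is not registered")

    for name in ("idp", "state", "nonce"):
        single(name)
    return problems

# Constructed sample values (placeholders, not a real tenant).
ISSUER = "https://example.okta.com/oauth2/default"
CLIENT_ID = "0oaEXAMPLECLIENTID"
REDIRECTS = ["https://app.protrak.io/okta/callback"]
GOOD = (ISSUER + "/v1/authorize?idp=0oaEXAMPLEIDP&client_id=" + CLIENT_ID +
        "&response_type=id_token&response_mode=fragment&scope=openid%20email"
        "&redirect_uri=https%3A%2F%2Fapp.protrak.io%2Fokta%2Fcallback"
        "&state=s1&nonce=n1")

if __name__ == "__main__":
    print(check_bookmark_url(GOOD, ISSUER, CLIENT_ID, REDIRECTS) or "OK")
```

Run it against the URL Protrak Team sends before saving the Bookmark App; an empty result means the URL agrees with the app integration settings.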