Skip to main content

SSO with Okta

Haima Ambily
  • Updated

You can integrate SEMINE with Okta to enable secure authentication through Single Sign-On (SSO). Follow the steps below to configure the application in Okta

Step 1: Create a new app integration

Create app integration in Okta

  1. Log in to your Okta Admin Console.
  2. Navigate to Applications > Applications.
  3. Click Create App Integration.
  4. In the Sign-in method section, select OIDC - OpenID Connect.
  5. Click Next.
Note: The OIDC - OpenID Connect option is required for SEMINE to use OAuth 2.0 authentication for Single Sign-On (SSO).

Step 2: Select the application type

  1. Select Web Application.
  2. Click Next.

Step 3: Configure client credentials

Client credentials configuration

Under Client Credentials, configure the following:

  • Client authentication: Client secret
  • Proof Key for Code Exchange (PKCE): Enabled
  • Click Generate new secret
Note: The Client ID is generated automatically by Okta. Copy the Client ID and the generated client secret, as both are required when configuring SSO in SEMINE.

Step 4: Configure general settings

General settings

Field Value
App integration name Semine
Application type Web
DPoP Off

Configure the following Grant types:

  • Client Credentials
  • Authorization Code
  • Implicit (hybrid)
    • ID Token: Enabled
    • Access Token: Disabled
Note: Refresh Token, MFA, OTP, and CIBA grants must remain disabled.

Step 5: Configure user consent and login

Under User Consent:

  • Require consent: On
  • Terms of Service URI: Leave empty
  • Policy URI: Leave empty
  • Logo URI: Leave empty
Login setting Value
Sign-in redirect URIs

https://login.uatsemine.no/signin-f3358655-45be-4036-88bf-103736ce3f47

https://login.semine.no/signin-1a45033e-f1e3-4e2d-a153-064377fd8b20
Post-logout redirect URIs http://localhost:8080
Login initiated by App Only
Initiate login URI Leave empty
Callback URI Leave empty

Step 6: Configure logout and network settings

image.png

Logout

  • Global token revocation: Off

Network IP

  • Token can be used from: Any IP

Optional settings

  • Federation Broker Mode: Disabled
  • Application profile attributes: None defined
  • Entitlement management: Disabled

Step 7: Save and assign users

  1. Click Save.
  2. Assign users or groups who should access SEMINE.

Step 8: Complete SEMINE configuration

Go to Settings > Authentication > SSO in SEMINE and enter the Client ID and Client secret from Okta. Save the configuration and test the login.

Related articles

Related articles

Comments

0 comments

Please sign in to leave a comment.