Configuring Okta SSO with OpenLM

This is a short guide on how to configure the integration between Okta SSO and OpenLM.

Requirements:

  • An existing Okta account;
  • OpenLM Server & Identity Service v21 or higher, configured with SSL.

1. Adding OpenLM Application in the Okta Admin Interface

1. Access your Okta account. In the left-side menu, click Applications:

2. Click on Create App Integration:

3. In the newly opened pop-up window select the Sign-in method – OIDC – OpenID Connect and Application Type – Web Application. Click Next.

4. Name the application and tick the following boxes:

  • Client Credentials
  • Authorization Code
  • Implicit (Hybrid)

5. Leave the URIs unchanged; the correct URIs will be provided by OpenLM after the integration is imported on the OpenLM side at a later stage (Step 2.3). Click Save.

2. Import the Okta details to the Identity Service

1. Go to the OpenLM Identity Service → External Providers tab and fill in the following fields with the information from your Okta account:

  • Client ID
  • Client Secret
  • Account ID – set as none for the on-premise OpenLM users
  • Authority – OpenLM Server host
  • Provide a name at your convenience

2. Click Save

3. After the import is completed on the OpenLM Identity Service side, the correct URIs tied to your account will be generated.

4. Go back to your Okta account. Click Edit in the General Settings section:

5. Scroll down to the Login section. Enter the sign-in and sign-out redirect URLs from the OpenLM Identity Service. Click Save.

6. Go to C:\Program Files\OpenLM\OpenLM Identity Service\SecurityService and open appsettings.json in a text editor.

7. Scroll down to the "Okta" node, change the "Allow" property from false to true, and enter the Authority, ClientId and ClientSecret:

},
  "Okta": {
    "Allow": true,
    "Authority": "https://*****.openlm.****:5015/",
    "ClientId": "************************",
    "ClientSecret": "********************************",
    "CallbackPath": "/signin-oidc-okta"
  }
}

8. Press CTRL+S to save the changes, then restart the Identity Service.

9. Go to the Identity Service webpage. Now you will be able to log in with Okta:
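
A check to run after the Identity Service restart, added here as an example and not part of OpenLM's documentation or tooling: it lints the "Okta" node and lists broad read grants on appsettings.json, because the client secret is stored there in clear text. The function names and the sample values are hypothetical, and the script assumes the file is plain JSON without comments.

```powershell
# Added example, not OpenLM code. Sample values below are constructed.
function Test-OktaNode {
    param([Parameter(Mandatory)][string]$Json)
    $okta = ($Json | ConvertFrom-Json).Okta
    if ($null -eq $okta) { return 'No "Okta" node found' }
    # "Allow" must be the JSON boolean true for the Okta login to be enabled.
    if ($okta.Allow -isnot [bool] -or -not $okta.Allow) { '"Allow" is not true' }
    # The guide requires SSL, so the Authority has to be an absolute https URL.
    $uri = $null
    $parsed = [Uri]::TryCreate([string]$okta.Authority, [UriKind]::Absolute, [ref]$uri)
    if (-not $parsed -or $uri.Scheme -ne 'https') { '"Authority" is not an absolute https URL' }
    # Catch values that are empty or still masked with asterisks.
    foreach ($name in 'ClientId', 'ClientSecret') {
        $value = [string]$okta.$name
        if ([string]::IsNullOrWhiteSpace($value) -or $value -match '^\*+$') {
            "`"$name`" is empty or still a masked placeholder"
        }
    }
    if ([string]$okta.CallbackPath -notmatch '^/') { '"CallbackPath" does not start with "/"' }
}

function Get-BroadReadAccess {
    param([Parameter(Mandatory)][string]$Path)
    # Well-known SIDs: Everyone, Authenticated Users, BUILTIN\Users.
    $broad   = 'S-1-1-0', 'S-1-5-11', 'S-1-5-32-545'
    $read    = [System.Security.AccessControl.FileSystemRights]::ReadData
    $sidType = [System.Security.Principal.SecurityIdentifier]
    # Ask for rules keyed by SID so the match does not depend on the OS language.
    (Get-Acl -LiteralPath $Path).GetAccessRules($true, $true, $sidType) |
        Where-Object { $_.AccessControlType -eq 'Allow' -and
                       $_.IdentityReference.Value -in $broad -and
                       ($_.FileSystemRights -band $read) -eq $read } |
        Select-Object IdentityReference, FileSystemRights, IsInherited
}

# Constructed sample with two deliberate mistakes (http Authority, masked secret).
$sample = @'
{ "Okta": { "Allow": true, "Authority": "http://openlm.example.internal:5015/",
            "ClientId": "constructed-client-id", "ClientSecret": "********",
            "CallbackPath": "/signin-oidc-okta" } }
'@
Test-OktaNode -Json $sample

# On the OpenLM server itself, check the real file from step 6.
$path = 'C:\Program Files\OpenLM\OpenLM Identity Service\SecurityService\appsettings.json'
if (Test-Path -LiteralPath $path) {
    Test-OktaNode -Json (Get-Content -LiteralPath $path -Raw)
    Get-BroadReadAccess -Path $path
}
```

Any row returned by Get-BroadReadAccess is a group of ordinary accounts that can read the ClientSecret; no output from either function means no finding.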
