# Okta Configuration

This session shows how to register a Web application on the Okta developer console. When registering the application, we are getting the following values that are needed for later configuration in Datawiza Cloud Management Console (DCMC):

  • Client ID
  • Client Secret
  • Okta Org
  • (Optional) Okta API Token

# Add new application

  1. Create a new application. When performing this step, make sure to login to your developer account on Okta. Visit the link here to create a developer account. Okta Create App

  2. Choose OIDC-OpenID Connect as Sign-in method and Web Application as Application type, then click Next. Okta Web Platform

# Create your Okta application

  1. Fill out the form, give your application a descriptive name. e.g., Header base application demo. Follow the steps below:
  • Base URIs: e.g., http://localhost:9772
  • Login redirect URIs: e.g., http://localhost:9772/authorization-code/callback
  • Logout redirect URIs: e.g., http://localhost:9772
  • Others remain default settings
  • Then click Save Okta Config

# Okta Client ID and Client Secret

  1. On the general information setting page, please make a copy of Client ID and Client secret under the Client Credentials section. You will need these two codes later to build up the connection. Okta Get Client ID

# Save ‘Okta Org’ URL

  1. Locate the organization URL in the upper-right corner which takes the form of https://your_domain.okta.com. Save this URL as Okta Org.
    Config Okta in DCMC

# Assign Application in Okta

  1. Double check members are linked to the right applications (if not, choose Assign Applications by clicking the green button to manually add). Assign APP in DCMC

# (Optional) Add Claims in ID Token

You can skip this section if you need only default claims (family name, given name, email, and so on) provided by Okta. Otherwise, follow the steps below (mainly based on Add a Custom Claim to a Token) to add custom claims in Okta Console:

  1. Select API tab in Security, it should be a default authorization server called default. Click default:
    Assign APP in DCMC
  2. Select Claims and click Add Claim:
    Assign APP in DCMC
  3. Include the claim in the ID token:
    Assign APP in DCMC
    In addition, you can click Okta Expression Language for more details about expression language.

Then, you need to add the customized attribute in DCMC. You can follow Step 4: Pass User Attributes to pass custom claims.

# (Optional) Create API token in Okta

Alternatively, we support getting user info from OKTA user info API by API token. By this means, we can get all user info about the user and do not need to add claims in ID Token.

  1. Choose API and then create your own token. Please be aware of the token value. Okta API token is used by DAB to get user information, especially for those customized user attributes.
    Get Okta API Token Get Okta API Token

# Summary

We have shown how to register a web application on Okta. Please make sure to save the following values for later setting in Datawiza Cloud Management Console.

  • Client ID
  • Client Secret
  • Okta Org
  • (Optional) Okta API Token

# Reference

Using the Console
Create Claims
Add a Custom Claim to a Token
Okta Expression Language
API Token