In this document, we'll show you how to use Okta as an Identity provider for Paralus. This will allow your users to login via Okta and access Paralus. Below is the list of items that we will cover in this document:
Creating a Okta SSO Application
Login to your Okta account as an admin and navigate to
Applications -> Applications and Create a new App Integration.
In the dialog that opens, choose OIDC - Open ID Connect as the Sign-in Method and Web Application as the Application Type.
On the next screen provide a name for the application. Under Assignments -> Controlled Access, select
Skip Group Assignment For Now
Leave the Application Callback URL empty for now and Register the application.
Note down the
client-secret as those will be required to configure identity provider for Paralus.
Adding an Identity Provider to Paralus
Login to your Paralus dashboard and navigate to
System -> Identity Providers and click on New Identity Provider
Provide the name of the identity provider and choose IdP type as
Generic from the drop down.
For client identifier & secret, provide the
client-secret of the Okta app created earlier.
Under Scopes provide
openid, profile, email
For Issuer URL, provide the url for your Okta Account. For example: https://dev-1234567.okta.com/oauth2/default
Click Save & Continue.
From the next screen copy the
Callback URL and paste it in the callback URL for the Okta OAuth app created in the earlier step.
The Mapper Configuration will be set for Okta, so you don't need to change anything on this screen.
On the Mapper Configuration screen, provide
https://raw.githubusercontent.com/paralus/paralus/main/_kratos/oidc-mappers/okta.jsonnet as the mapper url.
Click Save & Exit.
At this point, you have successfully added Okta as an identity provider for Paralus.
Verify Login with Okta
To confirm if the setup was correct, logout from Paralus.
On the login screen, you should now see a
Sign In With Okta button. Click on it to begin the login process using Okta.
Enter your Okta credentials and login. All the application to access the respective details and sign in.
Once authenticated, you'll be redirected to Paralus dashboard.
Congratulations! You've successfully configured Okta as an identity provider for Paralus.