Okta Integration

How to Integrate Kondukto to Okta

  1. Enter the Okta Admin panel.
  2. Click Applications ➡️ Applications from the left menu.
  3. Click Create App Integration.
  4. Check OIDC - OpenID Connect as the Sign-in method.
  5. Check Web Application as the Application type. Then click the Next button.

  1. Type “{YOUR_KONDUKTO_HOST}/login/okta” to the Sign-in redirect URIs
  2. Type “{YOUR_KONDUKTO_HOST}/logout/okta” to the Sign-out redirect URIs

  1. Select “Allow everyone in your organization to access” as Controlled Access in the Assignments section.

  1. Uncheck “Enable immediate access with Federation Broker Mode” as shown below. Then click the Save button.

  1. Copy the “Client ID” value to a safe place.
  2. Click the “Generate new secret” button.

  1. Copy the “Client secret” value to a safe place.
  2. Go to the “Sign On” menu.
  3. Scroll down and click the “Edit” button in the “OpenID Connect ID Token” panel.
  4. Select “Matched regex” and type “.*” to the “Groups claim filter

  1. Click the “Save” button.
  2. Select Directory ➡️ Groups from the left menu.
  3. Click to the “Add group” button and create the groups below.

  1. Assign users to the groups.
  2. Select Applications from the left menu and select “kondukto” app integration.
  3. Go to the “Assignments” menu.
  4. Assign all created groups to the “kondukto” application.
  5. Click the “Done” button.
  6. Then going to the Kondukto side. You can complete Okta integration by entering Okta Trial URL, Client ID, Client Secret, and Issuer URL, and defining roles at the bottom. You can get the Issuer URL from the API screen.

How to generate a token in Okta

  1. In admin panel, select API under the Security dropdown tab.
  2. Move to Tokens tab and click Create Token button.
  3. Name the token as you wish and click Create Token button.
  4. Copy the Token Value to a safe place and click the green OK, got it button.