Okta 3rd party authentication
  • 1 Minute to read

    Okta 3rd party authentication


      Article Summary

      How to enable Okta SSO?

      In order to login to NordLayer apps or Control Panel, users can authenticate their identity via Okta SSO.

      Here’s how to set up Okta SSO integration:

      1. Log in to your Okta dashboard

      2. At the top right corner, click Admin

      3. Head to the Applications section and select Applications

      4. Click on Create App Integration and select OIDC - OpenID Connect option

      5. At the bottom of the page, choose Web Application

      6. Click Next. That should open the New Web App Integration window

      7. Set the application name as NordLayer

      8. In the Sign-in redirect URl field, enter:

      https://auth.nordlayer.com/v1/tokens/oauth/resolution
      
      1. Customize the Assignments section based on your need and click Save

      2. Now you should be redirected to the General page of the application that you've just created. Copy Client ID and Client secret values

      3. Click on the Sign On tab

      4. Copy your Issuer and Audience parameters

      Once you have copied all these values, you can head to the NordLayer Control Panel on our website and navigate to Settings - Login methods. By choosing Okta you will be prompted to enter five values as follows:

      Client ID - value copied from OKTA dashboard

      Client Secret - value copied from OKTA dashboard

      Base URL - https://your-okta-domain.okta.com/oauth2 (replace your-okta-domain with the Issuer from OKTA dashboard)

      Audience - value copied from OKTA dashboard

      Issuer - https://your-okta-domain.okta.com (value copied from OKTA dashboard)

      Once you submit this information, your organization members will now have the ability to log into the NordLayer application or the NordLayer Control Panel using Okta SSO.
      Okta modal.png


      Note:
      • Single-Sign-On (SSO) will be enabled for the Control Panel, VPN apps, and Browser Extension
      • You can have multiple Single-Sign-On (SSO) methods enabled
      • It is possible to remove email & password authentication, leaving SSO as the only option to log in to the account

      Other available SSO providers include Google, JumpCloud, Azure AD, and OneLogin. You can set them up in the Control Panel by following these guides:


      Note: In case you have any questions or are experiencing any issues, please feel free to contact our 24/7 customer support team.


      Was this article helpful?