Contents x
    Okta 3rd party authentication
    • 1 Minute to read
      Contents

      Okta 3rd party authentication

      • 1 Minute to read
        Article Summary

        How to enable Okta SSO?

        In order to login to NordLayer apps or Control Panel, users can authenticate their identity via Okta SSO.

        Here’s how to set up Okta SSO integration:

        1. Log in to your Okta dashboard

        2. At the top right corner, click Admin

        3. Head to the Applications section and select Applications

        4. Click on Create App Integration and select OIDC - OpenID Connect option

        5. At the bottom of the page, choose Web Application

        6. Click Next. That should open the New Web App Integration window

        7. Set the application name as NordLayer

        8. In the Sign-in redirect URl field, enter:

        https://auth.nordlayer.com/v1/tokens/oauth/resolution

        1. Customize the Assignments section based on your need and click Save

        2. Now you should be redirected to the General page of the application that you've just created. Copy Client ID and Client secret values

        3. Click on the Sign On tab

        4. Copy your Issuer and Audience parameters

        Once you have copied all these values, you can head to the NordLayer Control Panel on our website and navigate to Settings - Login methods. By choosing Okta you will be prompted to enter five values as follows:

        Client ID - value copied from OKTA dashboard

        Client Secret - value copied from OKTA dashboard

        Base URL - https://your-okta-domain.okta.com/oauth2 (replace your-okta-domain with the Issuer from OKTA dashboard)

        Audience - value copied from OKTA dashboard

        Issuer - https://your-okta-domain.okta.com (value copied from OKTA dashboard)

        Once you submit this information, your organization members will now have the ability to log into the NordLayer application or the NordLayer Control Panel using Okta SSO.
        Okta modal.png

        Note:
        • Single-Sign-On (SSO) will be enabled for the Control Panel, VPN apps, and Browser Extension
        • You can have multiple Single-Sign-On (SSO) methods enabled
        • It is possible to remove email & password authentication, leaving SSO as the only option to log in to the account

        Other available SSO providers include Google, JumpCloud, Azure AD, and OneLogin. You can set them up in the Control Panel by following these guides:

        Note: In case you have any questions or are experiencing any issues, please feel free to contact our 24/7 customer support team.

        Was this article helpful?
        What's Next