--- title: "Okta 3rd party authentication | Nordlayer Help" slug: "okta-3rd-party-authentication-smp" description: "In order to enable Okta SSO as a login option for NordLayer, you will need to do the following: Log in to your Okta dashboard.Copy Client ID and Client secret values to enable SSO." updated: 2024-08-13T07:29:12Z published: 2024-08-13T07:29:12Z --- > ## Documentation Index > Fetch the complete documentation index at: https://help.nordlayer.com/llms.txt > Use this file to discover all available pages before exploring further. # Okta 3rd party authentication NordLayer offers two approaches to integrate with Okta: a manual method and an option through the Okta app. We'll walk you through both methods in this guide. ## Set up NordLayer SSO using Okta application The Okta application enables users to initiate **Service Provider (SP-Initiated)** and **Provider Initiated (IdP-Initiated) SSO**. To set up NordLayer application in Okta: 1. Log into your Okta admin portal 2. Go to the **Applications** tab, click **Browse app catalog**, search for **NordLayer**, select it, and then click **Add integration** 3. Enter **NordLayer** as the application name and input your NordLayer organization identifier 4. After clicking **Done**, open the application's **Sign-on** tab, click **Edit** in the **Settings** window. ![Screenshot 2024-04-12 at 11.12.15 1.png](https://cdn.document360.io/fc1049cd-8f71-4b89-b9b8-dbca9fdcdd16/Images/Documentation/Screenshot%202024-04-12%20at%2011.12.15%20%281%29.png) 1. Adjust the **Application username format** to **Email**. Don't forget to hit **Save** ![Screenshot 2024-04-12 at 11.12.34 1.png](https://cdn.document360.io/fc1049cd-8f71-4b89-b9b8-dbca9fdcdd16/Images/Documentation/Screenshot%202024-04-12%20at%2011.12.34%20%281%29.png) 1. Customize the **Assignments** section as needed and click **Save** 2. Back in the **Sign-on** tab, note the Client ID and Client Secret for later use 3. Now you may navigate to the** NordLayer Control Panel** at our website, go to **Settings** and select **Login methods**, and under **Single sign-on (SSO)**, toggle the **Okta switch** 4. Here, you'll input: Paste the **Client ID** from Okta. Paste the **Client Secret** from Okta. Then, use your Okta domain in the format ``` https://your-okta-domain.okta.com ``` Replace *your-okta-domain* with your actual domain. 10. Click Save to complete the setup. Notes - SSO is enabled for both the Control Panel and NordLayer VPN apps, as well as the Browser Extension - You're free to activate multiple SSO methods concurrently - Optionally, you can disable email and password authentication, making SSO your exclusive login method. After your Okta integration with NordLayer is all set, you’ll have a more streamlined and secure access method for your team. ## Manually set up Okta application for SSO Here’s how to set up SP-initiated Okta SSO integration: 1. Start by logging into your **Okta Admin portal** 2. Navigate to **Applications** and select **Applications** again 3. Choose **Create App Integration**, then select the **OIDC - OpenID Connect** option 4. Select **Web Application** at the page’s bottom and click **Next** to open the **New Web App Integration** window 5. Name your application **NordLayer** 6. For the **Sign-in redirect URL**, enter ``` https://auth.nordlayer.com/v2/oauth/{identifier}/resolution ``` where {identifier} is the organization identifier 7. Customize the **Assignments** section as needed and click **Save**. You’ll then be directed to the application’s **General** page. Here, copy the **Client ID** and **Client Secret** values. 8. Click on the **Sign On** tab and copy your **Issuer** parameters. 9. With these values, head over to the **NordLayer Control Panel** on our website, navigate to **Settings**, then [Login methods](https://cp.nordlayer.com/settings/login-methods/), and select **Okta**. You'll be prompted to enter the following five values: **Client ID**: The value copied from the Okta dashboard. **Client Secret**: The value copied from the Okta dashboard. **Issuer**: Replace *your-okta-domain* with your actual domain in ``` https://your-okta-domain.okta.com ``` ![Settings - Login methods - Entra ID parameters 4.png](https://cdn.document360.io/fc1049cd-8f71-4b89-b9b8-dbca9fdcdd16/Images/Documentation/Settings%20-%20Login%20methods%20-%20Entra%20ID%20parameters%20%284%29.png) 1. Submitting this information allows your organization members to log into the NordLayer app or Control Panel using Okta SSO. Notes - SSO is enabled for the Control Panel, VPN apps, and the Browser Extension. - You can use multiple SSO methods simultaneously. - It's possible to exclusively use SSO by disabling email & password authentication. Other SSO providers like [Google](https://help.nordlayer.com/docs/google-3rd-party-authentication), [JumpCloud](https://help.nordlayer.com/docs/jumpcloud-3rd-party-authentication), [Entra ID](https://help.nordlayer.com/docs/azure-3rd-party-authentication), and [OneLogin](https://help.nordlayer.com/docs/sso-onelogin-3rd-party-authentication) can also be integrated by following their respective guides available in the Control Panel. --- **Note**: In case you have any questions or are experiencing any issues, please feel free to contact our [24/7 customer support team](/docs/how-do-i-contact-nordlayer-customer-support).