--- title: "Okta 3rd party authentication | Nordlayer Help" slug: "okta-3rd-party-authentication" description: "In order to enable Okta SSO as a login option for NordLayer, you will need to do the following: Log in to your Okta dashboard.Copy Client ID and Client secret values to enable SSO." updated: 2025-10-02T10:37:59Z published: 2025-10-02T10:37:59Z --- > ## Documentation Index > Fetch the complete documentation index at: https://help.nordlayer.com/llms.txt > Use this file to discover all available pages before exploring further. # Okta 3rd party authentication NordLayer enhances security and streamlines user management by supporting integration with Okta Single Sign-On (SSO). This integration means your team can access NordLayer using the same credentials they already use for other applications, authenticating their identity through Okta SSO. Additionally, NordLayer offers two approaches to integrate with Okta: a manual method and an option through the Okta app. We'll walk you through both methods in this guide. ## Set up NordLayer SSO using Okta application The Okta application enables users to initiate **Service Provider (SP-Initiated)** and **Provider Initiated (IdP-Initiated) SSO**. To set up NordLayer application in Okta: 1. Log into your Okta admin portal 2. Go to the **Applications** tab, click **Browse app catalog**, search for **NordLayer**, select it, and then click **Add integration** 3. Enter **NordLayer** as the application name and input your NordLayer organization identifier 4. After clicking **Done**, open the application's **Sign-on** tab, click **Edit** in the **Settings** window. ![Screenshot 2024-04-12 at 11.12.15 1.png](https://cdn.document360.io/fc1049cd-8f71-4b89-b9b8-dbca9fdcdd16/Images/Documentation/Screenshot%202024-04-12%20at%2011.12.15%20%281%29.png) 1. Adjust the **Application username format** to **Email**. Don't forget to hit **Save** ![Screenshot 2024-04-12 at 11.12.34 1.png](https://cdn.document360.io/fc1049cd-8f71-4b89-b9b8-dbca9fdcdd16/Images/Documentation/Screenshot%202024-04-12%20at%2011.12.34%20%281%29.png) 1. Customize the **Assignments** section as needed and click **Save** 2. Back in the **Sign-on** tab, note the Client ID and Client Secret Value for later use 3. Now you may navigate to the** NordLayer Control Panel** at our website, go to **Settings** and select **Login methods**, and under **Single sign-on (SSO)**, toggle the **Okta switch** 4. Here, you'll input: Paste the **Client ID** from Okta. Paste the **Client Secret Value** from Okta. Then, use your Okta domain in the format - (*Please note that domain is case-sensitive*) ``` https://your-okta-domain.okta.com ``` Replace *your-okta-domain* with your actual domain. 10. Click Save to complete the setup. Notes - SSO is enabled for both the Control Panel and NordLayer VPN apps, as well as the Browser Extension - You're free to activate multiple SSO methods concurrently - Optionally, you can disable email and password authentication, making SSO your exclusive login method. After your Okta integration with NordLayer is all set, you’ll have a more streamlined and secure access method for your team. ## Manually set up Okta application for SSO Here’s how to set up SP-initiated Okta SSO integration: 1. Start by logging into your **Okta Admin portal** 2. Navigate to **Applications** and select **Applications** again 3. Choose **Create App Integration**, then select the **OIDC - OpenID Connect** option 4. Select **Web Application** at the page’s bottom and click **Next** to open the **New Web App Integration** window 5. Name your application **NordLayer** 6. For the **Sign-in redirect URL**, enter ``` https://auth.nordlayer.com/v2/oauth/{identifier}/resolution ``` where {identifier} is the organization identifier 7. Customize the **Assignments** section as needed and click **Save**. You’ll then be directed to the application’s **General** page. Here, copy the **Client ID** and **Client Secret Value** values. 8. Click on the **Sign On** tab and copy your **Issuer** parameters. 9. With these values, head over to the **NordLayer Control Panel** on our website, navigate to **Settings**, then [Login methods](https://cp.nordlayer.com/settings/login-methods/), and select **Okta**. You'll be prompted to enter the following five values: **Client ID**: The value copied from the Okta dashboard. **Client Secret Value**: The value copied from the Okta dashboard. **Issuer**: Replace *your-okta-domain* with your actual domain (*Please note that domain is case-sensitive*) ``` https://your-okta-domain.okta.com ``` ![Settings - Login methods - Okta.png](https://cdn.document360.io/fc1049cd-8f71-4b89-b9b8-dbca9fdcdd16/Images/Documentation/Settings%20-%20Login%20methods%20-%20Okta.png) 1. Submitting this information allows your organization members to log into the NordLayer app or Control Panel using Okta SSO. Notes - SSO is enabled for the Control Panel, VPN apps, and the Browser Extension. - You can use multiple SSO methods simultaneously. - It's possible to exclusively use SSO by disabling email & password authentication. Other SSO providers like [Google](https://help.nordlayer.com/docs/google-3rd-party-authentication), [JumpCloud](https://help.nordlayer.com/docs/jumpcloud-3rd-party-authentication), [Entra ID](https://help.nordlayer.com/docs/azure-3rd-party-authentication), and [OneLogin](https://help.nordlayer.com/docs/sso-onelogin-3rd-party-authentication) can also be integrated by following their respective guides available in the Control Panel. --- **Note**: In case you have any questions or are experiencing any issues, please feel free to contact our [24/7 customer support team](/docs/how-do-i-contact-nordlayer-customer-support).