SSO with Okta
How to set up single sign-on for Openli with Okta
Last updated
How to set up single sign-on for Openli with Okta
Last updated
Openli supports what Okta calls "Service Provider (SP)-Initiated Authentication (SSO) Flow". This means that you must log in via , not via the "Openli" app in your Okta account. If you try to log in via the "Openli" app in Okta, you will receive the following error:
Management of users on your Openli account must be done from within your Openli account. Openli does not support automatic user provisioning.
, navigate to the Single Sign-on section and enable the option "Use Okta for single sign-on":
Install the Openli application in your Okta instance.
On the Okta admin page, click on the Openli application and then navigate to the Sign On tab. Next, you will need to copy the values you see here for Client ID and Client secret to your Openli account.
Paste the values of Client ID and Client secret from your Okta account to the corresponding fields in your single sign-on settings in your Openli account.
On the Okta admin page, navigate to the link titled OpenID Provider Metadata. Click this link. In the JSON document shown, look for a key titled issuer and copy the URL-value (without quotes) to the Okta client issuer field in your Openli Single sign-on settings.
All general considerations from Setting up SSO (Single Sign-On)will now apply. Most importantly, make sure that the emails of employees/users you invite into your Openli account exactly match their Okta accounts. Your users can now sign in to their Openli accounts using Okta.
To log in to the Openli platform using Okta, simply click the Okta button and authenticate with your Okta account:
Contact and tell us which domain you want to register as your SSO domain. When we have confirmed that this is set up, your SSO domain will show under Single sign-on in your Openli settings.
