Openli
IntroductionGetting StartedTechnical DocumentationGet help
  • Getting started
    • Introduction
    • Dictionary
    • FAQ
      • IAB TCF v2.0
  • Privacy hub
    • How to create your privacy profile
    • How can I get an Openli Privacy Badge?
    • Vendor owners
    • Why are custom properties on vendors super valuable?
    • Setting up custom properties
  • Tasks
  • Cookie Consent Management
    • Quickstart
    • Checklist: Cookies
    • Cookie widget
      • Create a cookie policy
      • Create a cookie widget
      • Install the widget
      • Manually add any cookies
      • Customise your widget
      • How to get color codes
      • Set the widget language
      • Use custom link/button instead of Cookie Shield
      • Add company name to cookie pop-up
    • Categorise your cookies
    • Adding information to cookies
    • Adding information to your cookie providers
    • Blocking Cookies with Openli
    • Cookie expiration dates and lifespan
      • Changing expiration on Google Analytics cookies
  • Policy and agreement management
    • Generate your privacy policy
    • Changing an old cookie policy to a new on autopilot
    • Embed your policies and legal agreements
      • Embedding agreements without displaying a widget
    • Install the Privacy Badge
  • General Openli guides
    • Setting up SSO (Single Sign-On)
      • SSO with Azure AD (Microsoft)
      • SSO with Google
      • SSO with Okta
      • How to log in with SSO
    • Add a website to your Openli account
    • Using projects to handle multiple languages
    • Collect consents without storing IP addresses or user-agents
  • Technical documentation
    • Widget
      • Collect cookie consent
        • Blocking cookies
        • Blocking embedded media
        • Cookie-widget options
        • Consent state API
    • API
      • Services
        • Personal data
        • Subprocessors
    • Cookies set by Openli
  • System Specific Integration Guides
    • Cloudflare
  • Legacy integrations
    • Google Consent Mode
    • Google Tag Manager
      • Block cookies with GTM
      • Install Openli with GTM
      • Prevent triggers from firing in GTM
    • HubSpot
    • Pardot
    • Shopify
      • Install cookie widget
      • Integrate consent with checkout
    • Square Online
    • Squarespace
    • Webflow
    • Wix
Powered by GitBook
On this page
  • General information
  • Configuration steps
  • In your Openli account, part 1
  • In your Okta account, part 1
  • In your Openli account, part 2
  • In your Okta account, part 2
  • Final steps
  • Notes
  1. General Openli guides
  2. Setting up SSO (Single Sign-On)

SSO with Okta

How to set up single sign-on for Openli with Okta

PreviousSSO with GoogleNextHow to log in with SSO

Last updated 9 days ago

General information

Openli supports what Okta calls "Service Provider (SP)-Initiated Authentication (SSO) Flow". This means that you must log in via , not via the "Openli" app in your Okta account. If you try to log in via the "Openli" app in Okta, you will receive the following error:

403 User performed OIDC single sign-on to app - failure: missing_initiate_login_uri

Management of users on your Openli account must be done from within your Openli account. Openli does not support automatic user provisioning.

Configuration steps

In your Openli account, part 1

, navigate to the Single Sign-on section and enable the option "Use Okta for single sign-on":

In your Okta account, part 1

Install the Openli application in your Okta instance.

On the Okta admin page, click on the Openli application and then navigate to the Sign On tab. Next, you will need to copy the values you see here for Client ID and Client secret to your Openli account.

In your Openli account, part 2

Paste the values of Client ID and Client secret from your Okta account to the corresponding fields in your single sign-on settings in your Openli account.

In your Okta account, part 2

On the Okta admin page, navigate to the link titled OpenID Provider Metadata. Click this link. In the JSON document shown, look for a key titled issuer and copy the URL-value (without quotes) to the Okta client issuer field in your Openli Single sign-on settings.

Final steps

All general considerations from Setting up SSO (Single Sign-On)will now apply. Most importantly, make sure that the emails of employees/users you invite into your Openli account exactly match their Okta accounts. Your users can now sign in to their Openli accounts using Okta.

Notes

To log in to the Openli platform using Okta, simply click the Okta button and authenticate with your Okta account:

Contact and tell us which domain you want to register as your SSO domain. When we have confirmed that this is set up, your SSO domain will show under Single sign-on in your Openli settings.

success@openli.com
Openli's webapp
In the Openli Settings page
Okta single sign-on settings in Openli
Log in with Okta using the "Okta" button instead of a username and password.