Single Sign-On (SSO) Configuration: Integration with Okta
This article provides a clear, step-by-step guide to setting up Single Sign-On (SSO) using the Okta platform. This integration helps administrators manage users and their access to multiple applications with a single login while ensuring secure data transfer.
1. Locate Your Okta Domain
Find your Okta domain in the header dropdown within your Okta account and prepend https:// before pasting it into Secure Privacy as the “Organization domain.”
2. Create Your API Token in Okta
Generate and copy an API token from Security → API in Okta.
Paste the token value into the Api token field on the SSO settings page in your Secure Privacy account.
3. Create an Authorization Server in Okta
Navigate to Security → API → Authorization servers in Okta and create a new Authorization server.
4. Create and Configure OIDC Web Application in Okta
Under Applications, create a new app integration:
- Select OIDC and Web Application.
- Enable Client credentials.
- Set the Sign-in redirect URL to https://cmp.secureprivacy.ai/callback.
Ensure all required "Scopes" are present and enabled.
Paste the Client ID and Client Secret from the Okta app into the respective fields in Secure Privacy.
5. Complete Setup
Your Okta users can now log in to Secure Privacy using their Okta credentials.
Common Issues & Fixes
- API Token Not Working
  - Verify token validity and ensure it has the necessary permissions. Regenerate if expired.
- Authorization Server Configuration Errors
  - Double-check settings in Okta’s Authorization server, including scopes and claims.
- Invalid Redirect URI
  - Ensure the redirect URI in Okta matches exactly https://cmp.secureprivacy.ai/callback.
- Users Unable to Login
  - Confirm users have been added and assigned roles in Okta.
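The exact-match check behind the "Invalid Redirect URI" fix, together with the https:// normalization from step 1, as an added example that is not Okta or Secure Privacy code. The helper names and sample inputs are illustrative assumptions; the comparison is a plain string match, as the article advises.

```python
from urllib.parse import urlsplit

# Added example: helper names are illustrative, not Okta or Secure Privacy code.
# Sign-in redirect URL from step 4 of this article.
EXPECTED_REDIRECT = "https://cmp.secureprivacy.ai/callback"


def normalize_org_domain(value):
    """Return the Okta domain in the form step 1 asks for: https://<host>."""
    value = value.strip()
    if "://" not in value:
        value = "https://" + value
    parts = urlsplit(value)
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError("Okta domain must look like https://<host>")
    if parts.path not in ("", "/") or parts.query or parts.fragment:
        raise ValueError("paste only the domain, without a path or query")
    return "https://" + parts.netloc.lower()


def redirect_mismatches(configured, expected=EXPECTED_REDIRECT):
    """List the reasons `configured` is not an exact match for `expected`."""
    if configured == expected:
        return []
    reasons = []
    if configured != configured.strip():
        reasons.append("leading or trailing whitespace")
    got, want = urlsplit(configured.strip()), urlsplit(expected)
    if got.scheme != want.scheme:
        reasons.append(f"scheme is {got.scheme or 'missing'}, expected {want.scheme}")
    if got.netloc != want.netloc:
        if got.netloc.lower() == want.netloc.lower():
            reasons.append("host differs only in letter case")
        else:
            reasons.append(f"host is {got.netloc or 'missing'}")
    if got.path != want.path:
        if got.path.rstrip("/") == want.path:
            reasons.append("trailing slash on path")
        else:
            reasons.append(f"path is {got.path or 'empty'}")
    if got.query or got.fragment:
        reasons.append("extra query string or fragment")
    return reasons or ["differs from expected value"]

if __name__ == "__main__":
    # Constructed sample values, not taken from any real Okta org.
    print(normalize_org_domain(" Example-Org.okta.com/ "))
    for uri in [EXPECTED_REDIRECT, "http://cmp.secureprivacy.ai/callback/ "]:
        print(repr(uri), "->", redirect_mismatches(uri) or "exact match")
```

An empty list from `redirect_mismatches` means the value copied from the Okta app's sign-in redirect setting is byte-for-byte identical to the expected URL.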