OKTA (OIDC) Setup for SSO
Our identity platform, Talentech ID, supports Single Sign On via OpenID Connect. This guide describes how this can be configured using OKTA as identity provider. To get started, you need to contact us in order to configure your system for Single Sign On. You will then get a URL from us to enter in your OKTA App configuration. Then you need to provide us the Client ID, Client Secret and endpoint URL before you are ready to go.
Step by step
1. Create a new OKTA App
Open the OKTA portal, navigate to Applications and click Create New App.
Select OpenID Connect and click ‘Create’
Give the app a name and click save. For security reasons, we highly recommend using the Authorization code + PKCE flow. However, if you for some reason cannot use this flow, then you also need to check the boxes ‘Implicit (Hybrid)’ and ‘Allow ID token with implicit grant type’.
Lastly, you need to add the redirect URI provided by us. If you haven't recieved it, please contact us.
2. Send us your Client ID, Client Secret and Sign On URL
Under the ‘General’ tab on the app, please copy the value in the Client ID and Client Secret and send them to us.
The Sign on url can be found in the ‘Issuer’ field of the OpenID Connect ID Token box.
Send us these bits of info so that we can add them in our side of the configuration.
3. Test the configuration
Once the configuration is complete, we will send you a test URL. This will redirect you from Talentech ID to your organization’s sign in page, where you’ll enter your credentials and log in. You’ll then be redirected back to Talentech ID where you’ll be presented with a test report stating whether or not the configuration is set up correctly. Once everything indicates success, we’re ready to activate the setup.