What you will need
Okta as your identity management provider.
An Okta user with permissions to create Application Installations.
Process overview
Add Athenian as a new Application Integration to Okta via OpenID Connect
Authorization Server Settings & Testing
Provide Athenian the details about the Okta App and Auth Server
1. Add Athenian as Application Integration to Okta
1.1. Create a new application
In Okta, navigate via the left menu to Applications -> Applications and click Add Application.
Then click Create New App.
In the modal, select the options:
Platform: Web
Sign on method: OpenID Connect
Then, fill in the fields according to the details below:
Application name: Athenian
Login redirect URIs: https://athenian-production.auth0.com/login/callback
1.2. Configure the application created
Once you save the settings, you will be directed to the new application settings screen. Select the General tab and Edit the General Settings accordingly.
Allow the following grant types.
And fill in the following field:
Initiate login URI: https://athenian-production.auth0.com/login/callback
Afterward, switch to the Okta API Scopes tab and Grant the following three permissions:
okta.users.manage.self
okta.users.read
okta.users.read.self
1.3. Assign users to the application
Then go to the Assignments tab and Assign Users and/or User Groups that will have access to Athenian.
Note: Athenian users assigned here are unlimited and do not count towards your billing.
1.4. Take note of the Client Credentials
Finally, record the Client Credentials in a secure place, as we'll need them to finalize the integration on Athenian's side.
Congratulations! You are done with the 1st step of setting up Okta for Athenian. The next step is testing the new application against your Authorization Server.
2. Authorization Server Settings & Testing
2.1. Take note of Authorization Server Settings
Still in Okta, navigate via the left menu to Security -> API. In the Authorization Servers tab, click on the name of your Authorization Server.
Now, in the Settings panel, record the following details in a secure place, as we'll need them to finalize the integration on Athenian's side:
Name
Audience
Issuer
Metadata URI
2.2. Test the Authorization Server
Now it’s time to test if your Athenian + Okta integration has successfully been set up. Switch to the Token Preview tab and fill out the following values:
OAuth/OIDC client: Athenian
Grant type: Authorization Code
User: Pick a user you have previously assigned to Athenian
Scopes: openid, profile
Press Preview Token, and if the integration has been successful you should see a similar response.
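Before sharing the details in step 3, the values recorded in 2.1 can be cross-checked against the token payload shown by Token Preview. The script below is an added example, not part of Athenian's or Okta's tooling. It assumes you paste the access-token payload, that it carries the iss, aud, cid and scp claims, and that the Metadata URI sits under the Issuer. All hostnames, IDs and values in it are constructed samples.

```python
import json

# Values recorded in step 2.1 (constructed samples, not a real tenant).
RECORDED = {
    "audience": "api://default",
    "issuer": "https://your-org.okta.example/oauth2/default",
    "metadata_uri": "https://your-org.okta.example/oauth2/default/.well-known/oauth-authorization-server",
}
CLIENT_ID = "0oaEXAMPLECLIENTID"  # constructed placeholder for the Client ID from 1.4
REQUIRED_SCOPES = {"openid", "profile"}  # scopes requested in step 2.2

# Access-token payload copied from the Token Preview tab (constructed sample).
PREVIEW = json.loads("""{
  "iss": "https://your-org.okta.example/oauth2/default", "aud": "api://default",
  "iat": 1700000000, "exp": 1700003600,
  "cid": "0oaEXAMPLECLIENTID", "scp": ["openid", "profile"], "sub": "jane.doe@example.com"
}""")


def check_preview(payload, recorded, client_id):
    """Return a list of mismatches between the preview token and the recorded settings."""
    problems = []
    issuer = recorded["issuer"].rstrip("/")
    if not issuer.startswith("https://"):
        problems.append("Issuer is not an https URL")
    # Assumption: the metadata document is served under the issuer path.
    if not recorded["metadata_uri"].startswith(issuer + "/.well-known/"):
        problems.append("Metadata URI is not under the Issuer")
    if payload.get("iss") != recorded["issuer"]:
        problems.append("iss claim does not match recorded Issuer")
    aud = payload.get("aud")
    if recorded["audience"] not in (aud if isinstance(aud, list) else [aud]):
        problems.append("aud claim does not contain recorded Audience")
    if payload.get("cid") != client_id:
        problems.append("cid claim does not match the Athenian Client ID")
    missing = REQUIRED_SCOPES - set(payload.get("scp") or [])
    if missing:
        problems.append("missing scopes: " + ", ".join(sorted(missing)))
    iat, exp = payload.get("iat"), payload.get("exp")
    if not (isinstance(iat, int) and isinstance(exp, int) and exp > iat):
        problems.append("iat/exp are missing or exp is not after iat")
    return problems


if __name__ == "__main__":
    for line in check_preview(PREVIEW, RECORDED, CLIENT_ID) or ["all checks passed"]:
        print(line)
```

An empty result means the Issuer, Audience, Client ID and scopes you are about to send all describe the same Authorization Server and application.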
3. Share the details of the App and Auth Server with Athenian team
To complete the integration with Okta, we need you to provide us with the following details:
Client Credentials (ClientID + Client Secret)
Authorization Server Settings (Name + Audience + Issuer + Metadata URI)
Congratulations! You have successfully integrated your Okta with Athenian.