Skip to content

Okta Authentication Registration

Sequel Security Services allows external providers for authentication like Okta. This registration process should be done for each client.

This document describes preliminary steps to be done by Sequel Clients to register a Sequel Application in Okta.

Registering Sequel App at Okta

Registering an application in Okta using OpenId Connect is described at https://help.okta.com/en-us/Content/Topics/Apps/Apps_App_Integration_Wizard_OIDC.htm.

This document tries to provide samples of the process. Please, keep in mind that Okta UI could change since this document was released.

Required information

For registering an application in Okta we need the following information:

Application name

This is a friendly name for the application; we will suggest to use Sequel Authentication Service; but this can be changed and also it could include references to production or UAT environments (ie. Sequel Authentication Service - Production, Sequel Authentication Service - UAT).

Sign-in redirect URI

This is a public URI of the Sequel's authentication service. Usually, it looks like this: Sequel-AuthN-Base-URI/signing-okta-oidc (e.g. https://sequel_domain/Authentication/signing-okta-oidc). For this implementation the URI will be:

https://TO_BE_CONFIRMED/signing-okta-oidc

Redirect URI's are case sensitive.

Sign-out redirect URI

This is a public URI of the Sequel's authentication service. Usually, it looks like this: Sequel-AuthN-Base-URI/signout‐okta-oidc (e.g.https://sequel_domain/Authentication/signout-okta-oidc). For this implementation the URI will be:

https://TO_BE_CONFIRMED/signout-okta-oidc

Redirect URI's are case sensitive.

Register an application

As a summary of this process, we will have to perform the following steps:

  1. Sign in to the Okta domain portal.

  2. Select Applications > Applications > Create App Integration. Okta-RegisterApp-Applications.png

  3. In the Create a new app integration select OIDC - OpenID Connect and Web Application as shown above.

    Okta-RegisterApp-CreateApplication.png

  4. Add App integration name, check Implicit grant type and introduce Sign-in redirect URI and Sign-out Redirect URI and the desired Assigment policy as is shown above and press Save button.

Okta-RegisterApp-CreateApplicationDetails1.png

Okta-RegisterApp-CreateApplicationDetails2.png

  1. Client ID and Client Secret will be needed to complete settings for Okta provider in Security Authentication

Okta-RegisterApp-CreateApplicationDetailsSecrets.png

Registering users for SSO

Once Sequel App is registered in Okta, the next step is create the users in Sequel Security Services ensuring users are created using the same email provided by Okta in the claims. This email must be stored in the email or SsoUsername fields at the users records.