
Create OIDC application with Okta

This guide outlines the steps to create and configure an OIDC application in Okta, including setup, user assignments, and metadata submission.


Step 1: Create OIDC Integration

  1. Log in to your Okta Application Dashboard and click Applications in the sidebar.
  2. Click Create App Integration.
  3. Click Create New App and choose OIDC - OpenID Connect as the Sign-in method. Then, click Next.
  4. Select Web Application as the Application type, then click Next.

Step 2: Configure OIDC App

  1. Enter the name of your application.
  2. Make sure to select Client Credentials if the client is acting on its own behalf.
  3. Fill in the Sign-in redirect URI and the Sign-out redirect URI.

Step 3: Add users to OIDC app

To test SSO authentication, you first need to assign your Okta OIDC app to groups.

  1. Scroll to the Assignments tab of the app and then select Limit access to selected groups.
  2. Locate the specific group(s) you wish to assign to the app and click Assign next to each of them. Once finished, click Save.

Step 4: Provide your Issuer URL

To connect your identity provider's OIDC configuration with the application, provide your issuer URL using one of the two options below.

Custom Domain as issuer URL

  1. In your Okta Application Dashboard go to Domain under Customizations in the sidebar.
  2. Locate the Custom Domain under the Redirect URL.
  3. Copy the Custom Domain.
  4. Paste the URL below.

Valid URL

If the issuer URL is correct, it will show a green checkmark; if not, ensure the URL is valid and try again.

Okta Domain as issuer URL

  1. Click on the Account button in the top-right corner of the OIDC app you just created.
  2. Locate the Okta Domain inside the popup (Ex: "dev-[APP_ID].okta.com").
  3. Click the Copy button.
  4. Paste the URL below.

Valid URL

If the issuer URL is correct, it will show a green checkmark; if not, ensure the URL is valid and try again.
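
To check an issuer URL yourself before pasting it, the sketch below applies the issuer rules from OpenID Connect Discovery 1.0 to a discovery document. It is an added example, not code from this product or from Okta; `login.example.com` and the sample metadata are constructed placeholders, and how the form's own validation works is not documented on this page.

```python
import json
from urllib.parse import urlsplit
from urllib.request import urlopen

REQUIRED_ENDPOINTS = ("authorization_endpoint", "token_endpoint", "jwks_uri")

# Constructed sample discovery document for the placeholder issuer.
SAMPLE_METADATA = json.loads("""{
  "issuer": "https://login.example.com",
  "authorization_endpoint": "https://login.example.com/oauth2/v1/authorize",
  "token_endpoint": "https://login.example.com/oauth2/v1/token",
  "jwks_uri": "https://login.example.com/oauth2/v1/keys"
}""")

def discovery_url(issuer):
    """Discovery 1.0, section 4.1: metadata lives under the issuer path."""
    return issuer.rstrip("/") + "/.well-known/openid-configuration"

def check_issuer(configured, metadata):
    """Return a list of problems; an empty list means the issuer checks out."""
    problems = []
    parts = urlsplit(configured)
    if parts.scheme != "https" or not parts.hostname:
        problems.append("issuer must be an https URL with a host")
    if parts.query or parts.fragment:
        problems.append("issuer must not contain a query or fragment")
    # Section 4.3: the issuer in the metadata must be identical to the
    # configured value, so a trailing slash or another host is a mismatch.
    if metadata.get("issuer") != configured:
        problems.append("issuer mismatch: metadata says %r" % metadata.get("issuer"))
    for key in REQUIRED_ENDPOINTS:
        if urlsplit(str(metadata.get(key, ""))).scheme != "https":
            problems.append(key + " missing or not https")
    return problems

def fetch_metadata(issuer):
    """Fetch the live discovery document; refuses anything but https."""
    if urlsplit(issuer).scheme != "https":
        raise ValueError("refusing to fetch a non-https issuer")
    with urlopen(discovery_url(issuer), timeout=10) as resp:
        return json.load(resp)

if __name__ == "__main__":
    for candidate in ("https://login.example.com",
                      "https://login.example.com/",
                      "login.example.com"):
        print(candidate, "->", check_issuer(candidate, SAMPLE_METADATA) or "OK")
```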

Step 5: Submit Identity Provider Config

To connect your identity provider's OIDC configuration with the application:

  1. Click on the General tab of the OIDC app you just created.
  2. Locate the Client ID under the Client Credentials.
  3. Locate the Secret Key under the Client Secrets.
  4. Copy both values, then paste them below.

Step 6: Proceed with domain claiming and role assignment

  1. Click on Proceed with domain claiming and role assignment to confirm completion of the IDP configuration form.
  2. Follow the instructions in the Self-service OIDC configuration guide to complete this step and manage authorization.