Introduction
This document explains how to configure an Identity Provider (IDP) profile in the Tenant Admin Portal.
Prerequisite
An IDP profile must be created in the Tenant Admin Portal. For further details, see How to create IDP Profile for OIDC-Okta.
Steps to configure OIDC-Okta IDP Profile
On the home page of the Tenant Admin Portal, select Auth Policies > Identity Provider.
The Identity Provider Profiles page is displayed.
Select an IDP Profile Name to edit.
The details page is displayed.
Do the following:
Click Save.
The IDP Profile is configured.
Configure Details tab
The Details tab is used to view and manage basic information, such as IDP Name and IDP Description, for the identity provider configured in the Tenant Admin Portal.
To configure the Details tab, do the following:
Edit the IDP Profile Name (if required).
Enter Description (optional).
Do one of the following:
Select the required WebKey application from the Select WebKey Application dropdown list.
(OR)
Click Make Default to set this IDP as the default. (Optional)
Click Save.
Note: If another IDP is currently set as default, it will be replaced upon confirmation.
To make the IDP the default, click Make Default. A confirmation box is displayed.
Click Set as Default to designate the preferred IDP as default.
The Details tab is configured successfully.
Oloid Metadata tab
This section provides Oloid Metadata information for Okta settings.
Click Visit help page to open the document for configuring Okta settings for SSO login. Generate the parameters in the Okta Admin Console and add them to the Okta Settings tab to set up the integration between Okta and Oloid.
Configure IDP Settings tab
The IDP Settings tab is used to configure and upload the required OIDC details to enable authentication between the identity provider and Tenant Admin Portal.
To configure the IDP settings tab, do the following:
Enter IDP ID.
You can find the IDP ID from your OKTA Admin Console under Security > Identity Providers.
Enter Application Client ID.
You can find the Application Client ID from your OKTA Admin Console under Applications > Applications > General tab > Client Credentials.
Enter Authorize URL.
Enter https://{user-id}.okta.com/ in the Authorize URL field. For example, https://dev-10453970.okta.com/.
Enter Redirect URL.
Enter https://{user-id}.okta.com/ in the Redirect URL field. For example, https://dev-10453970.okta.com/.
Enter Callback URL.
You can find the Callback URL as Redirect URL from your OKTA Admin Console under Security > Identity Providers.
Edit Secret.
You can find the Client Secret (Secret) from your OKTA Admin Console under Applications > Applications > General tab > Client Credentials.
Enter Home URL.
The Home URL is the redirect URL used to go back to the home page.
Enter Home Button Label.
This text is shown as the button label for the Home URL.
Click Save.
Configure Claims
The Claims tab is used to configure custom claims that pass user attributes from Oloid to the OIDC provider.
Do the following:
Add Custom Claims
Custom Claims allow the admin to map Oloid user attributes to OIDC attributes.
In the Custom Claims section, click Add Field.
In the OIDC Attribute field, enter the attribute name expected by the OIDC provider.
In the Oloid Value dropdown, select the corresponding Oloid attribute (for example, Oloid ID).
Note: Click Add Field to add additional claim items.
Click Save.
The Custom claims are configured.
Authentication Methods References (AMR) Claims
AMR Claims indicate how a user was authenticated during the login process.
In the AMR Claims section, enter the authentication method value.
Click Add to include the value.
Note: Click Add to add additional AMR claim items.
Click Save.
The IDP is successfully configured.
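To confirm that the Custom Claims and AMR Claims configured above actually appear in an issued ID token, the claims can be decoded and compared with the values entered in the Claims tab. The following is an added example, not Oloid or Okta code; the claim names oloid_id and department, the AMR value face, and the sample token are constructed for illustration.

```python
import base64
import json

def decode_payload(id_token: str) -> dict:
    """Return the claims of a compact JWT WITHOUT verifying the signature.
    Use this only to inspect configuration, never to make a trust decision."""
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    seg = parts[1]
    seg += "=" * (-len(seg) % 4)  # restore the base64url padding that JWTs strip
    return json.loads(base64.urlsafe_b64decode(seg))

def check_claims(claims: dict, expected_custom: list, expected_amr: list) -> list:
    """Return a list of problems; an empty list means every expected claim is present."""
    problems = []
    for name in expected_custom:  # OIDC Attribute names entered under Custom Claims
        if claims.get(name) in (None, ""):
            problems.append(f"custom claim '{name}' missing or empty")
    amr = claims.get("amr")  # OIDC defines amr as a JSON array of strings
    if not isinstance(amr, list):
        problems.append("amr claim missing or not an array")
    else:
        for value in expected_amr:  # values entered under AMR Claims
            if value not in amr:
                problems.append(f"amr value '{value}' not present")
    return problems

def _b64url(obj) -> str:
    """Encode a dict as an unpadded base64url JSON segment (used to build the sample)."""
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()

# Constructed sample token; the signature segment is a dummy value.
SAMPLE_TOKEN = ".".join([
    _b64url({"alg": "RS256", "typ": "JWT"}),
    _b64url({"sub": "user-1", "oloid_id": "OL-0001", "amr": ["face"]}),
    "c2lnbmF0dXJl",
])

if __name__ == "__main__":
    found = decode_payload(SAMPLE_TOKEN)
    issues = check_claims(found, ["oloid_id", "department"], ["face"])
    for line in issues or ["all expected claims present"]:
        print(line)
```

An empty result only shows that the configured claims are emitted; the relying party must still validate the token signature, issuer, and audience before trusting them.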











