LogoLogo
  • What is Kouncil?
  • Getting started
    • Installation
      • Deployment
      • Development
    • Configuration
      • Authentication
        • Local authentication
        • LDAP, LDAPS and AD authentication
        • SSO
          • GitHub
          • Okta
      • Authorization
      • SSL/TLS Configuration
        • Configuration
        • Kafka
          • TLS configuration
          • Broker SSL configuration
          • AWS MSK configuration
        • Schema Registry
          • SSL Configuration
          • SSL and Basic authentication
      • JMX
      • Logging
      • Websocket
      • Custom context path
      • Database
    • Features
    • FAQ
    • Roadmap
Powered by GitBook
On this page
  • Okta configuration
  • Kouncil configuration
Export as PDF
  1. Getting started
  2. Configuration
  3. Authentication
  4. SSO

Okta

PreviousGitHubNextAuthorization

Last updated 7 months ago

Okta configuration

In Okta, you have to create a new Web application with OIDC - OpenID Connect Sign-in method:

In the next step you have to configure callback URI, which should look like this: http://<your-application-url>/oauth

Before saving configuration you have to configure application assignments.

In the last step if you should configure groups claim filter to get user groups with access token. You can use any of the compare methods, Equals, Matches regex, etc. which will match your requirements and Okta groups configuration.

Kouncil configuration

In Kouncil you can configure Okta SSO by adding below snippet to your configuration file. You have to replace your-client-id, your-client-secret, your-application-url and your-domain-id

kouncil:
  auth:
    active-provider: sso
    sso:
      supported:
        providers: okta
spring:
  security:
    oauth2:
      client:
        registration:
          okta:
            client-id: <your-client-id>
            client-secret: <your-client-secret>
            redirect-uri: http://<your-application-url>/oauth
            scope: openid,profile,email,groups
        provider:
          okta:
            authorization-uri: https://<your-domain-id>/oauth2/v1/authorize
            token-uri: https://<your-domain-id>/oauth2/v1/token
            user-info-uri: https://<your-domain-id>/oauth2/v1/userinfo
            jwk-set-uri: https://<your-domain-id>/oauth2/v1/keys