
Okta - Overview

...

Info

You can configure Okta (OIDC using OpenID Connect) as an Identity Provider in Zitadel to log in with the external provider option during login

...

info

to the ConnectSecure portal.

Zitadel for ConnectSecure: https://authprod.myconnectsecure.com

ConnectSecure Portal: https://portal.myconnectsecure.com

...

Okta - Setup

Register New Client

  1. Log in to your Okta account and visit the applications list <OktaDomain/admin/apps/active>

  2. Click on ‘Create App Integration’ and choose ‘OIDC - OpenID Connect’

  3. Choose Web Application as Application Type and give it a name

  4. Add the sign-in redirect URIs

  5. Select the sign-in method as OpenID-Connect

  6. Select Application Type as Web Application

...

  1. Sign-in redirect URLs: {your-domain}/ui/login/login/externalidp/callback

Example: URL for domain https://acme-gzoe4x.zitadel.cloud would look like this:

...

  1. Copy the Issuer URL and paste it under the Zitadel OIDC provider.

...

Zitadel - Setup

Add Custom Login Policy

  1. Go to Settings and choose Login Behavior.

  2. Enable the attribute ‘External IDP Allowed’

...

Field

Description

Name

Give the OIDC Provider a name

Example: Okta

Issuer

The domain of your Okta account

Example: https://trial-1925566.okta.com

Client ID

Generated from the application created in Okta; see step 1 from Create New Application above

Scopes

OpenID, Profile, and Email are preconfigured

Automation Creation

If this setting is enabled, the user will be created automatically within Zitadel if it does not exist.

Automate Update

If this setting is enabled, the user will be updated in Zitadel if user data is changed within the provider.

Example: If the last name is changed in Okta, the information will be changed in the Zitadel account on the next login.

Account Creation Allowed

This setting determines if account creation within Zitadel is allowed or not allowed.

Account Linking Allowed

This setting determines if account linking is allowed. When logging in with an Okta account, a linkable Zitadel account has to exist already.
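
A pre-flight check for the values entered above, added here as an example and not part of the ConnectSecure, Zitadel or Okta documentation. It builds the sign-in redirect URI from the callback path given on this page and compares the Issuer typed into Zitadel with the issuer advertised in the provider's discovery document, which OpenID Connect Discovery requires to match exactly. The function names and the sample discovery document are constructed for illustration.

```python
from __future__ import annotations

from urllib.parse import urlsplit

# Callback path taken from the sign-in redirect URI given on this page.
CALLBACK_PATH = "/ui/login/login/externalidp/callback"
# Scopes the page lists as preconfigured in Zitadel.
REQUIRED_SCOPES = {"openid", "profile", "email"}


def callback_url(zitadel_domain: str) -> str:
    """Build the sign-in redirect URI to register in Okta (hypothetical helper)."""
    parts = urlsplit(zitadel_domain)
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError("Zitadel domain must be an https:// URL")
    if parts.path.strip("/") or parts.query or parts.fragment:
        raise ValueError("Zitadel domain must not carry a path, query or fragment")
    return f"https://{parts.netloc}{CALLBACK_PATH}"


def check_issuer(configured_issuer: str, discovery: dict) -> list[str]:
    """Return the problems found when comparing the configured Issuer
    with the provider's discovery document (hypothetical helper)."""
    problems = []
    if urlsplit(configured_issuer).scheme != "https":
        problems.append("issuer is not https")
    # Exact string comparison: a trailing slash or extra path is a mismatch.
    advertised = discovery.get("issuer", "")
    if advertised != configured_issuer:
        problems.append(
            f"issuer mismatch: configured {configured_issuer!r}, advertised {advertised!r}"
        )
    # scopes_supported is optional in discovery, so only check it when present.
    if "scopes_supported" in discovery:
        missing = REQUIRED_SCOPES - set(discovery["scopes_supported"])
        if missing:
            problems.append("scopes not advertised: " + ", ".join(sorted(missing)))
    return problems


# Constructed sample of <issuer>/.well-known/openid-configuration, trimmed to the checked fields.
SAMPLE_DISCOVERY = {
    "issuer": "https://trial-1925566.okta.com",
    "scopes_supported": ["openid", "profile", "email", "offline_access"],
}

if __name__ == "__main__":
    print(callback_url("https://acme-gzoe4x.zitadel.cloud"))
    print(check_issuer("https://trial-1925566.okta.com/", SAMPLE_DISCOVERY))
```
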

Activate Identity Provider

Once you create the provider, it will be listed in the Identity Providers overview. Activate it by selecting the tick with the tooltip set as available.

Note

If you deactivate a provider, your users with a link to it will not be able to authenticate. You can reactivate it, and the login will work again.

...

Access the ConnectSecure Portal Using External Authentication

  1. Browse to https://portal.myconnectsecure.com

  2. Enter your Tenant Name and tap Use External Authentication

...

  1. If a user already exists, link the user. If the user does not exist, register a new user.

...

Need Support?

Contact our support team by sending an email to support@connectsecure.com or by visiting our Partner Portal, where you can create, view, and manage your tickets.

https://cybercns.freshdesk.com/en/support/login

...