open-vault/website/content/docs/auth/jwt/oidc-providers/okta.mdx

20 lines
759 B
Plaintext
Raw Normal View History

---
layout: docs
page_title: OIDC Provider Setup - Auth Methods - Okta
description: OIDC provider configuration for Okta
---
## Okta
1. Make sure an Authorization Server has been created. The "Issuer" field shown on the Setting page
will be used as the `oidc_discovery_url`.
1. Visit Applications > Add Application (Web).
1. Configure Login redirect URIs. Save.
1. Save client ID and secret.
Note your policy will need `oidc_scopes` to include `profile` to get a full profile
("[Fat Token](https://support.okta.com/help/s/article/Okta-Groups-or-Attribute-Missing-from-Id-Token)").
You will also need to configure bound audience along the lines of
`"bound_audiences": ["api://default", "0a4........."]` if you are using the default
authorization server.