20 lines
759 B
Plaintext
20 lines
759 B
Plaintext
---
|
|
layout: docs
|
|
page_title: OIDC Provider Setup - Auth Methods - Okta
|
|
description: OIDC provider configuration for Okta
|
|
---
|
|
|
|
## Okta
|
|
|
|
1. Make sure an Authorization Server has been created. The "Issuer" field shown on the Setting page
|
|
will be used as the `oidc_discovery_url`.
|
|
1. Visit Applications > Add Application (Web).
|
|
1. Configure Login redirect URIs. Save.
|
|
1. Save client ID and secret.
|
|
|
|
Note your policy will need `oidc_scopes` to include `profile` to get a full profile
|
|
("[Fat Token](https://support.okta.com/help/s/article/Okta-Groups-or-Attribute-Missing-from-Id-Token)").
|
|
You will also need to configure bound audience along the lines of
|
|
`"bound_audiences": ["api://default", "0a4........."]` if you are using the default
|
|
authorization server.
|