OKTA Configuration


Creating a New App Integration in Okta

  1. Log in to your Okta dashboard.

  2. Navigate to Applications.

  3. Click Create App Integration.

  4. Select OIDC – OpenID Connect and Single-Page Application as the integration type.

  5. Fill in the relevant information. For the Sign-in redirect URIs, include your application host followed by /app (e.g., https://yourappdomain.com/app).

  6. Note down the following:  

    • Okta Domain

    • Client ID

Setting Up API Container Environment Variables

Prerequisite: Custom SSL Configuration

OIDC integrations require the use of HTTPS. Follow the guide for creating a custom SSL configuration: Custom SSL Configuration Guide

Once the custom SSL setup is complete, edit the Docker Compose file to include the following environment variables. Replace the placeholders (OKTA DOMAIN and CLIENT ID) with the Okta Domain and Client ID noted earlier:

api:
  environment:
    OIDC_EMAIL_CLAIM: email
    AUTH_METHOD: Oidc
    # AD_NEW_USER_STRATEGY options: RequiresInvitation | AddAsReader | AddAsEditor

web:
  environment:
    OIDC_AUTHORITY: "okta"
    OIDC_WELL_KNOWN_URI: "https://OKTA DOMAIN/.well-known/openid-configuration"
    OIDC_REDIRECT_URI: "${HOST_PROTOCOL}${HOST_ADDRESS}/app"
    OIDC_CLIENT_ID: "CLIENT ID"
    OIDC_SCOPE: "openid email profile"
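
A pre-deployment check for the variables above, written as an added example (it is not part of the original guide or the product's own code). It assumes the api and web variables have been merged into one dictionary with ${HOST_PROTOCOL}${HOST_ADDRESS} already resolved; the function name and the sample values are hypothetical.

```python
from urllib.parse import urlsplit

WELL_KNOWN_PATH = "/.well-known/openid-configuration"
PLACEHOLDERS = ("OKTA DOMAIN", "CLIENT ID")  # literal placeholders used in the template


def check_oidc_env(env):
    """Return a list of problems in the resolved OIDC variables (empty list = OK)."""
    problems = []

    # The template placeholders must be replaced with the values noted in Okta.
    for key in ("OIDC_WELL_KNOWN_URI", "OIDC_CLIENT_ID"):
        value = env.get(key, "")
        if not value or any(p in value for p in PLACEHOLDERS):
            problems.append(f"{key}: missing or still a placeholder")

    # Discovery document must be fetched over HTTPS from the standard path.
    wk = urlsplit(env.get("OIDC_WELL_KNOWN_URI", ""))
    if wk.scheme != "https" or not wk.hostname:
        problems.append("OIDC_WELL_KNOWN_URI: must be an https URL")
    if wk.path != WELL_KNOWN_PATH:
        problems.append(f"OIDC_WELL_KNOWN_URI: path must be {WELL_KNOWN_PATH}")

    # Redirect URI must be HTTPS and end in /app, matching the Okta sign-in redirect URI.
    rd = urlsplit(env.get("OIDC_REDIRECT_URI", ""))
    if rd.scheme != "https" or not rd.hostname:
        problems.append("OIDC_REDIRECT_URI: must be an https URL")
    if rd.path != "/app" or rd.query or rd.fragment:
        problems.append("OIDC_REDIRECT_URI: must be the application host followed by /app")

    # 'openid' is mandatory for OIDC; the standard email claim is requested via 'email'.
    scopes = env.get("OIDC_SCOPE", "").split()
    if "openid" not in scopes:
        problems.append("OIDC_SCOPE: 'openid' is required")
    if env.get("OIDC_EMAIL_CLAIM") == "email" and "email" not in scopes:
        problems.append("OIDC_SCOPE: 'email' is needed for OIDC_EMAIL_CLAIM=email")
    return problems


# Constructed sample values (not a real tenant or client ID).
SAMPLE_ENV = {
    "OIDC_EMAIL_CLAIM": "email",
    "OIDC_WELL_KNOWN_URI": "https://idp.example.com/.well-known/openid-configuration",
    "OIDC_REDIRECT_URI": "https://app.example.com/app",
    "OIDC_CLIENT_ID": "0oaEXAMPLEclientid",
    "OIDC_SCOPE": "openid email profile",
}

if __name__ == "__main__":
    print(check_oidc_env(SAMPLE_ENV) or "OIDC variables look consistent")
```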