Okta

Okta is an identity management and access control platform that allows organizations to manage their users, groups, and devices in a central location, and control their access to different resources based on policies and rules. Okta supports various authentication and authorization standards and protocols, including SAML and OIDC (see below for more on these protocols).

This section covers the Okta SSO integration. Topics covered:

  • Creating users in Okta
  • Creating and assigning groups
  • Adding the groups claim

You will need an Okta account to begin. For testing purposes, Okta provides an unlimited free tier called the Starter Plan. See the Okta Getting Started guide for more information.

Create Users in Okta

  1. Navigate to Directory > People.
  2. Click Add Person.
  3. Enter values into the fields for First Name, Last Name, Username and Email.
  4. Once the user has been created, assign the user to the application by clicking the user's name, then clicking Assign Applications.
  5. Locate and select the OIDC application from the list.

[Image: example of assigning applications]

Create and Assign Groups in Okta

  1. Navigate to Directory > Groups.
  2. Click Add Group.
  3. Enter a name and description for the group. Take note of the group name as this will be used later.
  4. Select the newly created group from the list, then click Manage People. This will display a list page where you can select the users who will be members of the group.

[Image: example of adding users in Okta]

Add the Groups Claim

In order for the Mindful application to read your Okta groups, you'll need to do a bit more setup.

  1. Navigate to Security > API.
  2. Click the default authorization server listed.
  3. Click the Scopes tab, then click Add Scope.
  4. Enter the following values, then click Create.

     [Image: the Add Scope modal window]

  5. Next, click the Claims tab, then click Add Claim.
  6. Enter the following values, then click Create.

     [Image: the Add Claim modal window]
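
Once the scope and claim are saved, you can confirm the result by inspecting a token issued to the test user. The following is an added example, not part of the original guide or of Mindful's code: it assumes the claim is named groups, uses a hypothetical group name (Mindful-Admins) with constructed sample tokens, and only inspects the payload without verifying the signature.

```python
import base64
import json


def make_sample_token(claims):
    """Build a constructed sample token (header.payload.signature) for the demo."""
    def b64(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{b64({'alg': 'RS256', 'typ': 'JWT'})}.{b64(claims)}.constructed-signature"


def decode_claims(token):
    """Decode the payload segment for inspection only; the signature is NOT verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    claims = json.loads(base64.urlsafe_b64decode(payload))
    if not isinstance(claims, dict):
        raise ValueError("payload is not a JSON object")
    return claims


def check_groups_claim(token, expected_group, claim_name="groups"):
    """Return a list of problems; an empty list means the claim looks correct."""
    claims = decode_claims(token)
    if claim_name not in claims:
        return [f"claim '{claim_name}' missing: was the scope requested and the claim created?"]
    value = claims[claim_name]
    # A bare string would pass a naive `in` test by substring match, so require a list.
    if not isinstance(value, list) or not all(isinstance(g, str) for g in value):
        return [f"claim '{claim_name}' is not a list of group names"]
    if expected_group not in value:  # exact, case-sensitive comparison
        return [f"group '{expected_group}' not in claim: check group membership"]
    return []


# Constructed sample tokens (assumed claim name "groups", hypothetical group names).
GOOD = make_sample_token({"sub": "jdoe@example.com", "groups": ["Mindful-Admins", "Everyone"]})
NO_CLAIM = make_sample_token({"sub": "jdoe@example.com"})
WRONG_TYPE = make_sample_token({"sub": "jdoe@example.com", "groups": "Mindful-Admins"})

if __name__ == "__main__":
    for name, tok in [("good", GOOD), ("no claim", NO_CLAIM), ("wrong type", WRONG_TYPE)]:
        print(name, check_groups_claim(tok, "Mindful-Admins") or "ok")
```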