SSO with Okta
This document details the steps to set up Okta SSO to manage authentication for strongDM.
- Enable OpenID Connect: Confirm that OpenID Connect is enabled for your account. If it is not, please contact Okta support and request that they enable it. This can be completed in minutes.
- Create application: Click Add Application and select Web.
- Configure application: Name the application strongDM and input the Login redirect URI:
https://app.strongdm.com/auth/return. Ensure Authorization Code and Refresh Token are both checked.
- Capture client ID and client secret: On the next page, note the Client ID and Client secret fields. You will need these values in the next step.
- Enter the account details in strongDM: In the strongDM app, go to "Settings" -> Authentication, choose Okta from the drop down menu and add your URL (
https://<yourorg>.okta.com), ClientID, and Client Secret.
- Confirm Okta access: On the Okta side again, confirm that the email addresses for all users are identical in both strongDM and your SSO. Confirm that all users who you intend to grant database access have access to the strongDM application by default, and if all of the above is true, you should be ready to enable SSO.
If any errors occur or if the integration fails in any way, please contact firstname.lastname@example.org for assistance.