Close
logodocs

SSO with Okta

This document details the steps to set up Okta SSO to manage authentication for strongDM.

  1. Enable OpenID Connect: Confirm that OpenID Connect is enabled for your account. If it is not, please contact Okta support and request that they enable it. This can be completed in minutes.
  2. Create application: Click Add Application and select Web.
    Create new application
    Create new application
  3. Configure application: Name the application strongDM and input the Login redirect URI: https://app.strongdm.com/auth/return. Ensure Authorization Code and Refresh Token are both checked.
    Configure application
    Configure application
  4. Capture client ID and client secret: On the next page, note the Client ID and Client secret fields. You will need these values in the next step.
    Client ID and client secret
    Client ID and client secret
  5. Enter the account details in strongDM: In the strongDM app, go to "Settings" -> Authentication, choose Okta from the drop down menu and add your URL (https://<yourorg>.okta.com), ClientID, and Client Secret.
    Configure Okta in strongDM
    Configure Okta in strongDM
  6. Confirm Okta access: On the Okta side again, confirm that the email addresses for all users are identical in both strongDM and your SSO. Confirm that all users who you intend to grant database access have access to the strongDM application by default, and if all of the above is true, you should be ready to enable SSO.

If any errors occur or if the integration fails in any way, please contact support@strongdm.com for assistance.

Installation — Previous
SSO with Keycloak
Next — Installation
SSO with OneLogin v2