Okta SSO
Cortex supports configuring Single Sign-On (SSO) with Okta to protect access to your Cortex workspace. Additionally, you can configure Okta SCIM with Cortex.
Cortex also supports an integration to track Okta teams and team members as entity owners as well as create Scorecards involving your Okta teams. See the Okta integration page for more information.
How to configure Okta SSO for Cortex
There are two options to configure Okta SSO in Cortex:
Installing the Cortex app in the Okta Integration Network (OIN)
This option provides a simplified setup for most standard use cases. It is compatible with Okta SCIM provisioning features.
Creating your own app
This option is best if you need more flexibility in configuring redirect behavior, want to configure automatic sign-on, or if you require multiple or advanced configurations.
You must have the Configure OpenID Connector & SCIM
permission.
Step 1: Install the Cortex OIN app
Cortex's OIN app configures the initial steps for Okta SSO.
Install the Cortex app from Okta's app list.
Alternatively, in your Okta instance you can navigate to Applications then select Cortex from the App integration catalog.
Step 2: Copy the client ID and client secret
In Okta, navigate to the Applications page and select the Cortex app from your list of applications.
Click the Sign On tab.
Copy the values of the client ID and client secret. Store them in a secure location, as you will need these in the next steps.
Step 3: Obtain your issuer URI
In Okta, each authorization server has a unique issuer URI. See Okta's instructions for information on finding your Okta issuer URI. It should look like https://{okta-domain}.okta.com
.
Step 4: Configure SSO in Cortex
In your Cortex workspace, navigate to Settings > OpenID Connector.
Configure the form:
Type: Select
Okta
.Identifier: Enter the client ID from Step 2.
Secret: Enter the client secret from Step 2.
Issuer: Enter the issuer URI from Step 3.
At the bottom of the page, click Save.
After saving your configuration, users will only have the option to sign in to your Cortex workspace via your Okta account.
Last updated
Was this helpful?