Okta
Last updated
Was this helpful?
Last updated
Was this helpful?
In this guide, we'll look at the two ways to configure Okta SSO in Cortex: through or by creating your own.
Cortex's OIN app takes care of most of the steps involved in setting up Okta SSO. Add the integration from or from the App integration catalog available under Applications in your Okta instance.
Once the app is installed, go back to the Applications page in your Okta admin console and select the Cortex app from your list of applications.
Click the Sign On tab to find the Client ID and Client Secret.
Select Okta under Type and enter the following information:
Identifier: The Client ID from step 2.
Secret: The client secret created in step 2.
Issuer: The issuer URI from step 3.
Once you click save, users will only have the option to sign in to Cortex via Okta.
From your Okta admin console, navigate to Applications and select Create App Integration.
In the modal, select OIDC - Open ID Connect from the sign-in method options and Web Appplication under application type.
On the next page, you can enter more details about the app, including a name, logo, and grant type.
On-prem Cortex users should replace existing URI under Sign-in redirect URIs with https://cortex.backend.url/login/oauth2/code/okta. The Sign-out redirect URIs should be https://cortex.backend.url/logout.
Auto sign-on
You can bypass the login screen and enable automatic sign-on by creating a custom Okta app with the following configurations:
Grant type: Authorization Code
Redirect URI: https://cortexapp.auth0.com/login/callback
Sign-in redirect URI: https://app.getcortexapp.com/login?tenantCode=TENANT_CODE
Once you save the app, you'll be taken to its overview page. From the General tab, copy the Client ID under Client Credentials and the secret under Client Secrets.
Select Okta under Type and enter the following information:
Identifier: The Client ID from step 2.
Secret: The client secret created in step 2.
Issuer: Your Okta account domain.
Instructions for finding your Okta issuer URI can be found . It should look like https://.okta.com.
Go to in Cortex under Authentication and access.
Go to in Cortex under Authentication and access.
