LogoLogo
Login to CortexBook a DemoCortex Academycortex.io
  • Cortex Docs
  • Cortex Quick Start
  • Ingesting data into Cortex
    • Managing Entities
      • Adding entities
        • Add services
        • Add domains
        • Add teams
        • Add custom entity types
        • Defining dependencies
      • Entity details page
      • Defining ownership
      • Defining relationship types
      • Grouping entities
      • Adding external documentation
      • Adding Deploy data
      • Adding custom data
      • Viewing discovered entities
      • Archiving entities
      • Relationship graph
      • Using On-call Assistant for incidents
      • Managing Terraform infra in Cortex
    • Managing Catalogs
    • Integrations
      • Internally hosted integrations
      • ArgoCD
      • AWS
      • Azure DevOps
      • Azure Resources
      • BambooHR
      • Bitbucket
      • BugSnag
      • Buildkite
      • Checkmarx
      • CircleCI
      • ClickUp
      • Codecov
      • Coralogix
      • Custom webhook integrations
      • Datadog
      • Dynatrace
      • Entra ID (Azure AD)
      • FireHydrant
      • GitHub
      • GitLab
      • Google
      • Grafana
      • incident.io
      • Instana
      • Jenkins
      • Jira
      • Kubernetes
      • LaunchDarkly
      • Lightstep
      • Mend
      • Microsoft Teams
      • New Relic
      • Okta
      • Opsgenie
      • PagerDuty
      • Prometheus
      • Rollbar
      • Rootly
      • Sentry
      • ServiceNow
      • Slack
      • Snyk
      • SonarQube
      • Splunk Observability Cloud (SignalFx)
      • Splunk On-Call (VictorOps)
      • Sumo Logic
      • Veracode
      • Wiz
      • Workday
      • xMatters
  • Scorecards
    • Initiatives and Action items
      • Creating issues based on Initiatives
    • Scorecard rule exemptions
    • Scorecard rule filters
    • Scorecard examples
    • Scorecards as code
  • Reports
    • Executive report
    • All Scorecards report
    • Bird's eye report
    • Progress report
    • Report card
  • Eng Intelligence
    • Custom Metrics
    • Jira Metrics
    • Metrics Explorer (Beta)
  • Cortex Query Language (CQL)
    • Using CQL reports
    • Using JQ in Cortex
  • Workflows
    • Creating a Workflow
      • Workflows as code
    • Blocks
    • Running a Workflow
    • Registering a Scaffolder template
      • Scaffolder advanced usage
    • Using a Workflow to sync in ArgoCD
    • Kicking off a Jenkins pipeline in a Workflow
    • Calling internal service endpoints in a Workflow
  • Plugins
    • Creating a plugin
      • Creating a plugin proxy
    • Migrating Backstage plugins to Cortex
  • Engineering homepage
  • Workspace Settings
    • Using GitOps for Cortex
      • GitOps logs
    • Managing users
      • Roles and permissions
        • Custom roles
        • Team ownership entity editing
      • Configuring SSO
        • Microsoft Entra ID
        • Google
        • Other OIDC providers
        • Okta
          • Okta SCIM
      • Configuring identity mappings
      • Onboarding management
    • API keys, secrets, and tokens
      • Secrets
      • Personal tokens
    • Audit logs
    • Entity settings
      • Data verification
      • Auto archiving entities
    • IP allowlist
    • Notifications
      • Notification logs
    • Customizing your workspace
    • Using search in Cortex
  • Cortex API
    • REST API operations
      • API Keys
      • Audit Logs
      • Catalog Entities
      • Custom Data
        • Custom Data (Advanced)
      • Custom Events
      • Custom Metrics
      • Dependencies
      • Deploys
      • Discovery Audit
      • Docs
      • Eng Intel: User Labels
      • Entity Relationship Types (Beta)
      • Entity Relationships (Beta)
      • Entity Types
      • GitOps Logs
      • Groups
      • Initiatives
      • Integrations APIs
        • Azure Active Directory (Entra ID) API
        • Azure Resources API
        • AWS API
        • Azure DevOps API
        • CircleCI API
        • Coralogix API
        • Datadog API
        • GitHub API
        • GitLab API
        • incident.io API
        • LaunchDarkly API
        • New Relic API
        • PagerDuty API
        • Prometheus API
        • SonarQube API
      • IP Allowlist
      • Notification Logs
      • On call
      • Packages
      • Plugins
      • Queries
      • SCIM
      • Scorecards
      • Secrets
      • Team Hierarchies
      • Teams
      • Workflows
Powered by GitBook
On this page
  • Configuring Okta SSO with the Cortex OIN app
  • Configuring Okta SSO with your own app

Was this helpful?

Export as PDF
  1. Workspace Settings
  2. Managing users
  3. Configuring SSO

Okta

Last updated 2 months ago

Was this helpful?

In this guide, we'll look at the two ways to configure Okta SSO in Cortex: through or by creating your own.

Configuring Okta SSO with the Cortex OIN app

1. Add the Cortex app

Cortex's OIN app takes care of most of the steps involved in setting up Okta SSO. Add the integration from or from the App integration catalog available under Applications in your Okta instance.

2. Copy the client ID and client secret

Once the app is installed, go back to the Applications page in your Okta admin console and select the Cortex app from your list of applications.

Click the Sign On tab to find the Client ID and Client Secret.

3. Get the issuer URI

4. Go to Cortex settings

Select Okta under Type and enter the following information:

  • Identifier: The Client ID from step 2.

  • Secret: The client secret created in step 2.

  • Issuer: The issuer URI from step 3.

Once you click save, users will only have the option to sign in to Cortex via Okta.

Configuring Okta SSO with your own app

1. Create an Okta app integration

From your Okta admin console, navigate to Applications and select Create App Integration.

In the modal, select OIDC - Open ID Connect from the sign-in method options and Web Appplication under application type.

On the next page, you can enter more details about the app, including a name, logo, and grant type.

On-prem Cortex users should replace existing URI under Sign-in redirect URIs with https://cortex.backend.url/login/oauth2/code/okta. The Sign-out redirect URIs should be https://cortex.backend.url/logout.

Auto sign-on

You can bypass the login screen and enable automatic sign-on by creating a custom Okta app with the following configurations:

  • Grant type: Authorization Code

  • Redirect URI: https://cortexapp.auth0.com/login/callback

  • Sign-in redirect URI: https://app.getcortexapp.com/login?tenantCode=TENANT_CODE

2. Copy the Client ID and Client Secret

Once you save the app, you'll be taken to its overview page. From the General tab, copy the Client ID under Client Credentials and the secret under Client Secrets.

3. Go to Cortex settings

Select Okta under Type and enter the following information:

  • Identifier: The Client ID from step 2.

  • Secret: The client secret created in step 2.

  • Issuer: Your Okta account domain.

Instructions for finding your Okta issuer URI can be found . It should look like https://.okta.com.

Go to in Cortex under Authentication and access.

Go to in Cortex under Authentication and access.

here
OpenID Connector settings
OpenID Connector settings
Cortex's app in the Okta Integration Network
this page