eliott/authentik
1
0
Fork 0
mirror of https://github.com/goauthentik/authentik synced 2026-05-03 12:52:17 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
e7fcfb7e67d5df3e8a8a5da170f18fa4c6b98731
authentik/website/docs/users-sources/sources/social-logins/okta/index.md
Teffen Ellis 6ed5cb5249 website/docs: Modal and wizard button labels (#21549) 
* website/integrations: rename "Create with Provider" to "New Application"

The application list page now uses a split-button labeled
"New Application" instead of the old "Create with Provider" dropdown.
Update all 113 integration guides to match.

* website/docs: update flow, stage, and policy button labels

- "Create" → "New Flow", "New Stage", "New Policy" for trigger buttons
- "Finish" → "Create Flow", "Create Stage", "Create Policy" for submit
- "Create and bind stage" → "New Stage" / "Bind Existing Stage"
- "Create" (binding submit) → "Create Stage Binding"

* website/docs: update provider button labels

- "Create" → "New Provider" for trigger buttons
- "Create with Provider" → "New Application" in RAC docs
- "Create" → "New Property Mapping", "New RAC Endpoint", "New Prompt"
  for related entity creation

* website/docs: update directory button labels

- "Create" → "New Source" for federation/social login pages
- "Create" → "New Role", submit → "Create Role"
- "Create" → "New Invitation"
- Policy binding submit → "Create Policy Binding"

* website/docs: update endpoint device and system management button labels

- "Create" → "New Endpoint Connector", "New Enrollment Token",
  "New Device Access Group", "New Flow"
- Submit → "Create Device Access Group"
- "Create" → "New Notification Rule", "New Notification Transport"
- Binding submit → "Create Policy Binding"

* Reorganize policy documentation

* website/docs: address policy docs review feedback

* post-rebase

* website/docs: Reorganize policy documentation -- Revisions (#21601)

* apply suggestions

* Fix escaped.

* Fix whitespace.

* Update button label.

* Fix phrasing.

* Fix phrasing.

* Clean up stragglers.

* Format.

---------

Co-authored-by: Dominic R <dominic@sdko.org>
2026-04-16 17:35:38 +00:00

66 lines
3.4 KiB
Markdown
Raw Blame History

---
title: Okta
description: "Integrate Okta as a source in authentik"
tags: [source, okta]
---
Allows users to authenticate using their Okta credentials by configuring Okta as a federated identity provider via OAuth2.
## Preparation
The following placeholders are used in this guide:
- `authentik.company` is the FQDN of the authentik installation.
- `company.okta.com` is the FQDN of your Okta tenant.
## Okta configuration
To integrate Okta with authentik you will need to create an App Integration in the Okta Admin Console.
1. Log in to the Okta Admin Console as an administrator.
2. Navigate to **Applications** > **Applications** > **Add App Integration**.
3. Select **OIDC - OpenID Connect**, set **Application Type** to **Web Application**, and then click **Next**.
4. Configure the following required settings:
- **App Integration Name**: `authentik`
- **Sign-in redirect URIs**: `https://authentik.company/source/oauth/callback/<source_slug>/`
- Under **Assignments**, select how you'd like to control access to authentik. **Allow everyone in your organization to access** or select a group to limit access.
5. Click **Save**.
6. Under **Client Credentials**, take note of the **Client ID**. This value will be required in the next section.
7. Under **CLIENT SECRETS**, click the **Copy to clipboard** next to the secret and take note of the value, it will also be required in the next section.
## authentik configuration
To support the integration of Okta with authentik, you need to create an Okta OAuth source in authentik.
1. Log in to authentik as an administrator and open the authentik Admin interface.
2. Navigate to **Directory** > **Federation and Social login**, click **New Source**, and then configure the following settings:
- **Select type**: select **Okta OAuth Source** as the source type.
- **Create Okta OAuth Source**: provide a name, a slug which must match the slug used in the Okta Sign-in redirect URI field (e.g. `okta`), and the following required settings:
- Under **Protocol settings**:
- **Consumer key**: paste the **Client ID** from Okta
- **Consumer secret**: paste the **Secret** from Okta
- Under **URL settings**:
- **Authorization URL**: `https://company.okta.com/oauth2/v1/authorize`
- **Access Token URL**: `https://company.okta.com/oauth2/v1/token`
- **Profile URL**: `https://company.okta.com/oauth2/v1/userinfo`
- **OIDC Well-known URL**: `https://company.okta.com/.well-known/openid-configuration`
- **OIDC JWKS URL**: `https://company.okta.com/oauth2/v1/keys`
3. Click **Finish** to save your settings.
:::info Display new source on login screen
For instructions on how to display the new source on the authentik login page, refer to the [Add sources to default login page documentation](../../index.md#add-sources-to-default-login-page).
:::
:::info Embed new source in flow :ak-enterprise
For instructions on embedding the new source within a flow, such as an authorization flow, refer to the [Source Stage documentation](../../../../../add-secure-apps/flows-stages/stages/source/).
:::
## Source property mappings
Source property mappings allow you to modify or gather extra information from sources. See the [overview](../../property-mappings/index.md) for more information.
## Resources
- [Okta Developer Documentation - Create an app integration](https://developer.okta.com/docs/guides/create-an-app-integration/openidconnect/main/)
Reference in New Issue View Git Blame Copy Permalink