OKTA

Create application

  • First, go to GLPI and download the Oauthsso plugin

  • Navigate to the Setup > Oauth SSO applications

  • Click on Add

add SSO GLPI
  • Keep this window active and retain the callback URL :

copy callback URL
  • In your OKTA interface, go to Applications

  • Create App Integration

create app
  • Select option OIDC – OpenID Connect in the 1st insert and Web Application in the second

  • Click on Next

select sign-in
  • Enter an application name and check the box Client credentials

web integration
  • Enter the return URL, retrieved above, in Sign-in redirect URIs.

paste URL callback

Assignments

  • In the last box, select the option that suits you best (here we authorize all users present in OKTA)

  • Finally, click on Save

assignments

Setup GLPI

  • In GLPI, go back to the Oauth SSO plugin configuration window and enter your OKTA tenant information :

setup GLPI
  1. Give your provider a name, which will appear on the login page.

  2. Indicate this as active

  3. Enter OKTA as provider Oauth

  4. Enter the application ID found in the application previously created in OKTA

client ID
  1. Specify the ID field to be mapped with OKTA

  2. Specify the customer secret available in OKTA in the previously created application

add secret
  1. Enter the name of your OKTA instance (https://XXXXXXXXX.okta.com), available in the account creation confirmation e-mail.

  • Click on Add

  • In the plugin, you will see the approval message:

test connexion

Now that the configuration is complete, you can test it with a user.

login page
home page

Creative Commons License