OKTA¶

Create application¶

First, go to GLPI and download the Oauthsso plugin
Navigate to the Setup > Oauth SSO applications
Click on Add

add SSO GLPI

Keep this window active and retain the callback URL :

copy callback URL

In your OKTA interface, go to Applications
Create App Integration

create app

Select option OIDC – OpenID Connect in the 1st insert and Web Application in the second
Click on Next

select sign-in

Enter an application name and check the box Client credentials

web integration

Enter the return URL, retrieved above, in Sign-in redirect URIs.

paste URL callback

Assignments¶

In the last box, select the option that suits you best (here we authorize all users present in OKTA)
Finally, click on Save

assignments

Setup GLPI¶

In GLPI, go back to the Oauth SSO plugin configuration window and enter your OKTA tenant information :

setup GLPI

Give your provider a name, which will appear on the login page.
Indicate this as active
Enter OKTA as provider Oauth
Enter the application ID found in the application previously created in OKTA

client ID

Specify the ID field to be mapped with OKTA
Specify the customer secret available in OKTA in the previously created application

add secret

Enter the name of your OKTA instance (https://XXXXXXXXX.okta.com), available in the account creation confirmation e-mail.

Click on Add
In the plugin, you will see the approval message:

test connexion

Now that the configuration is complete, you can test it with a user.

login page

home page

Read the Docs v: latest

Versions: latest

Downloads: pdf; epub

On Read the Docs: Project Home; Builds