The following steps are required to be done within your Okta environment:
Login to your OKTA with a user who has Admin permissions.
Click the "Admin" button.
This should show the Okta Dashboard.
Click "Add Applications"
Click "Create New App"
You should get a dialog with various sign in methods, with includes "OpenID Connect".
If you get a dialog without the "OpenID Connect" sign on method, then contact Okta support and ask them to enable it for you.
SignOn: OpenID Connect
Under "General Settings":
Set Application Name: "CloudynSSO"
Under General tab:
Click “Edit” to the General settings
Enable “Implicit” under Allowed Grant Types (in addition to "Authorization Code")
“Login initiated by” should now be visible.
Select “Either Okta or App” in the “Login initiated by” drop down.
"Application Visibility" and "Initiate login URI" should now be visible.
Under “Application Visibility”, select the first checkbox (and optionally the second checkbox)
For "Initiate login URI", enter your cloudyn login url, eg https://abc.cloudyn.com
Under General tab, Client Credentials:
Note the following fields:
* Client ID
* Client Secret
Under Groups/People tab:
Send to Cloudyn support the following information:
- OpenID Connect identity provider: Okta
- Email domain serviced by Okta
- Email address of a person responsible to process new Cloudyn users for your organization
- Your Okta organization sign in page, eg https://abc.okta.com/
- Client ID
- Client Secret