How to Set up Single Sign On with Okta
Setting up Okta as an identity provider with Alli requires creating an Okta OpenID Connect (OIDC) Application in your Okta admin console. You’ll need to provide the OAuth Client ID and Secret to your Alli account representative as well as your Okta Domain.
Creating an Okta Application for Alli
1. Navigate to the Admin > Applications > Applications
Area
2. Create a New App Integration
Click the Create App Integration button.
And select ODIC and Web Application in the pop up then click Next.
3. Configure the Application
On the next screen enter a name and, optionally, a logo (use this logo for Alli if desired: https://static.alliplatform.com/alli.png).
Under Grant Type leave the Authorization Code grant checked.
Under Sign-in Redirect URIs enter https://sso.alliplatform.com/login/callback
as the redirect URI. If desired, you can enter a logout URI as https://login.alliplatform.com/logout
.
Under assignments select the option that makes the most sense for your organization.
4. Collect the Client Credential Information & Okta Domain
On the next screen copy the Client ID and a Client Secret. These need to be provided to your Alli representative.
The in the top right corner of the screen in the user name drop down copy the Okta Domain.
5. Send the Client ID, Okta Domain, and Client Secret to your PMG/Alli Rep
The Client ID and domain are public information and can be sent in a simple email.
The client secret should be shared more selectively. Share this with a single person, ideally via a password manager’s share functionallity or a service like https://pwpush.com/.
The gist here is to send the client secret to a single PMG/Alli rep instead of an email chain and to send a link to the client secret (via pwpush or a password manager) instead of sending the client secret directly.
Alternatively you may use PGP to encrypt the client secret and send it, our public key can be found below.
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBF0/C0EBEAC2Y0oPW4/X992wC66wYnkrNOnvcDZ6vNms4K570v4+OGYPk6D7
ewJ08Wlq8TJxCCx+DTRFfIRPVrttTqO2Ju7hyApVOvv83W/Lw3F8Nnxp4Jrwkby6
iHtoDDli04KhEdBIwVw4g72IlmTRz9sCpD0im5CONXxci7UKSWUSoVoggUJIg6nV
oJ7z9+y+mgSMqnrCB+eI9xxaCWD68hfsb/7NEypDH8NKwutt89ldufS2mXQ6Kb3Z
sfFwTRXbPrpOReLa0PK6PR3zZPjBGIF/kDW0+6JB3ZCEgODkGHJ2mFPO5RKukbzB
mGYKTSowLkFdCC1wFvDIj7mF4rgM7OsKySssV9EmjEahzJoUclsSY+4cH/u8AkDz
olTq38nL33/Zw9ttujAevyr4juQKqaY18gCjImA9jesgKfbE4n7WBgNVkfTGjccl
HeLeUq65AGO1mxJaiyk/lsxtaKXskUxmkvppLIglrUx4mqmDff7qM7nG9nI6I5Uw
/g3BBc76VCvu+g+Vmu9PgNOpYwkd3kRA8Pa87BJYyBuCG3tO3rUQ9jEGUELm8qSm
3os4ucr2iCW7ZhZa8XTn93ZRRhJMoG9Qy1vBLJm8Hi/UPzfTk9CIML0CQQyvEe+O
CPXEuEuYkKdCpvhUN9/YAerghYJ61ctdGxl1jynNnnClFS/PhUp63dOQFwARAQAB
tEZQTUcgVGVjaCAoUE1HIFRlY2ggUEdQIHNpZ25pbmluZyBhbmQgZW5jcnlwdGlv
bikgPHRlY2grcGdwa2V5QHBtZy5jb20+iQJOBBMBCgA4FiEEuYfABSV7pqzToP2/
N/ysl/ZcXg0FAl0/C0ECGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQN/ys
l/ZcXg2EmBAAqdn8nYVhFTVIM0mx7z0hEY1rPyH9k+s8DwUP1Ir8VJObYmiIR3e0
x+VO2u3a9sZkZ4RyaiX8VELcHkd8ycW6XKFcOrD7bSTfKoWyyLu9TyOK8Hsc38po
K1ap5bfFnBVMb5XOOzVpfNejK93J/mvGqB7qkHRY1uwSXxjsGK84w20nOkLcEHtQ
62+RbzN181kA39h1B85BL/bg8ypgaYObJ7IY2PqcgKQa8JM4kW6j05DpKtkIC+8s
ol0WdhnIk7/wbAJh1/ckFErtgm1hhOeYLIQEpXmsqpGx20buxM5QlHLUZgTy3wIE
1OeFUKC29p8oOpWHzLxdZhI16AH6oKcFzQyJXLPcshiYGKfnc5heaoIgZhlOWIPY
67Fjyocuxdy1tIHEdwkFoN4lubpf/Ptev/8WakiHxC7C/Tr/DsQekhrcoW+TqzB8
hrNBAbXBYWnwWQVSzNhGVVT5mNx0Inatwq09kqRxz7uhpx6ejysCca8zPgmdWbbJ
MMKhuYIYu6tXc+rIbofOEoSEd4tKbe5G0idcNJHSovk6WUVBwuyOG6Mu8Lh35nia
fbryYSSYMZp4ddmgnOQ3hKnu/k7HUGBRCl10YIrl2yukCQ2msQ+OXBuVfZ4GpOVW
vlqpc6PMlpNACLhh+H8i+xukmdzZxVj3DBkb6onXedCFpgk728nM6825Ag0EXT8L
QQEQAL1ukQNG8SXCrD6b75f45xUhzGO0L/iOGC7ivCVpC+kiOesI4hvPOgGSfpKk
/Mz4C9LbEJCS4ZmJuIIz14xzMNkAXOU/n3F2cBb95yVlFbY7Yx/SrtP7VTDxtJvT
nDxPLIYeCeXUart/nCGCO0nKanLg6rj7AWeWoJywvEDSqwFxCB1959nXfccPVrwl
W6Xt4X72HycS16g3/yBT4+Frn4VM6yvibweidVqOZGhioMInre9TL3jb4kHbGVri
msWkACSkgW5EEDpUQJc8a7Qs+mzOz1j2GENardWRqO9ID4biWF74st1orF0viH/F
SZdNNbY2rWoZioGW9cPSPDDWWV90oFdvAFkZZXyi3KA9DA9z1xxpJU9tQkPlrwzp
QeDj//i4kKoLYhz750GgX79waRkwoU+NFBNv6wS0yH8qvOgymDV7se0Ggzg5GEXZ
zeqvIEiX/mWF6oTeCSAyJ+PbiAZlS8U2fGc5YQY1U+r8uSmF2+xvgEGjV3h904R1
azuyb0dhLkVk1mdISs5j1yr8mcg0f/E9+0ikE9UkrZVRx2/YK3DWEKdiqAm5qpQT
9GQXLfjLJsKhfeweuDNJCOJhc/GBvov/dP2DUT2GBofmqR3C9CBNAzElZZKJdEUw
0ypWQZhiw6MZtcMCwf60OQxbOEVRv0xAkx3xqek9saf0KW8/ABEBAAGJAjYEGAEK
ACAWIQS5h8AFJXumrNOg/b83/KyX9lxeDQUCXT8LQQIbDAAKCRA3/KyX9lxeDX5V
EACgt4igSrvNyzBePVyJexe50F5SeCjahOX+B3e0/nBws0hly9jOuVI0SNAJ5nKP
mzx608lG1e84D93vrb9JiojEFuEwJIuxRLxbVkchvOBGALToX01Y9wv+puo2EcXG
wsUW3swVP5Ih6CBK0zDc4HZc3R1gN5YaXlOSbejGsJEJhWPnn/i9DCDpYysN3VL4
EieJhpOUkDVw+qftV3B90r+bUY4cToeWQGArr5RbQzY2mDTtxikbBPffw+/ecco5
f9UalUQocxuK+zg2DsXtDdw5vT2ykI5Y3oYlFE7ZiMcmdi/SdIj2CLrOipFknZ1i
gCAofqjwJ1GpYWbPBlgQ1ZIWLjJHTOTrYFwbVT4vBLN7wNsAfus7WMqSSmmwm2Rb
3OVlU3kGNtSRBS8XX/cl9BnWTVuwepP36922FmOY08MqRY9H1yH/OmhRkR+sg6wP
XsPD+/2sga9HKzH9nWWVJ2CV4Va9b8yPJagcsnyESHScWkhWtbEQlxcZmzNysk0R
z7smkCbyvKNwspT/BICFQ21jBHt+DTGZ7Go+APySnPB6QqyJ2ReQALZQeL/v3z1L
rq+Sd2LE4m5uZu/eogArZf06Q24sSdQ1g4gFK0douH0qn/Hn4Zz/t49BPFq8vSQu
cTnsvsLs5eVjtZowe1OQrYLjJtsLUYWfnC+qKLG1WgMwhw==
=yBFo
-----END PGP PUBLIC KEY BLOCK-----