Comment on page
Setting up authentication with Okta
The following guide will assist you in configuring your application to use Okta for authentication.
- 1.Log into the Okta admin console with administrative credentials, select
ApplicationsthenApplications - 2.Click
Add application, thenCreate app integration - 3.Select
Open ID Connectas the sign in method andWeb applicationas the application type - 4.Enter
Lithnet Access Manageror another suitable application name and optionally provide a logo - 5.Ensure that
authorization codeis the selected grant type - 6.For the sign in redirect URI, enter the base URL where your Lithnet Access Manager app is hosted followed by
/auth/(e.g.https://accessmanager.lithnet.local/auth/) - 7.Set the sign-out redirect URI to your base URL, and append
/auth/logoutto the end of it (e.g.https://accessmanager.lithnet.local/auth/logout) - 8.Assign the appropriate users to the app and save the new app
- 9.From the new app page, copy the
client IDandclient secretvalue for use later in the setup process - 10.Select
Directoryfrom the main menu bar, and selectProfile editor. Find theLithnet Access Managerapp in the list, and click theProfilebutton - 11.Click
Add attributeand create a new attribute calledupn, of data typestring. Select both theattribute requiredandUser personalcheck boxes - 12.Click the
Mappingsbutton. Find the UPN value, and map it to the Okta attribute that contains the Active Directory UPN (e.g. aduser.userPrincipalName)
- 1.Open the Lithnet Access Manager Service Configuration Tool
- 2.Select the
App configuration\User Authenticationpage - 3.Select
Open ID Connectas the authentication provider - 4.Enter the URL of your Okta tenant in the
Issuer/Authorityfield - 5.Enter the client ID and secret obtained from the Okta setup process
We strongly recommend modifying your application sign-on policy to require multifactor authentication for the use of this app.