Okta - OIDC Setup

This guide will set up a custom Okta OIDC Application that will allow your users to login to Hava. These steps can be followed for most SSO identity providers, though the field names may be different. Custom apps will be coming soon.

1. Log into Hava and head to your Account Settings. From there select SSO Config, then click OIDC on the protocol selection page. This will show you the Service Provider values you will need to enter into Okta

2. Log into Okta and click Applications → Create App Integration

3. Select ‘OIDC - OpenID Connect’ and then ‘Web Application’ for the Application type, then click Next

4. Enter the following details into the settings:

   1. Name should be Hava

   2. Grant Type should be Authorization Code

   3. Sign-in redirect URIs should be set to the value of Sign-in Redirect URI from the Service Provider section in Hava

   4. Assignments should be set based on your requirements

5. All other values can be left as the defaults. Click Save to complete the Okta setup.

6. Head back to the Hava SSO OIDC config page and select Add OIDC Config

7. Enter the config values from the Okta setup instructions:

   1. Identity Provider Host should be set to Okta domain without any prefix or trailing slash, i.e. test-oidc.okta.com and not http://test-oidc.okta.com/

   2. OIDC client ID should be set to Client ID

   3. OIDC client Secret should be set to Client secret

8. Click Save to complete the setup