Okta

Follow

The Okta plugin allows Countly to bypass its regular authentication procedures and use the Okta user credentials of the organization instead. The Okta Integration plugin is available in the Enterprise Edition v20.04 and above.

Availability

The Okta plugin is available in Enterprise Edition as a paid add-on. To get more information on deployment and pricing, please get in touch with us.

image6.png

What is Okta?

image8.png

Okta Identity Cloud provides secure identity management with Single Sign-On, Multi-factor Authentication. Okta's Universal Directory allows you to store an unlimited amount of users and attributes from applications and sources like AD or HR systems. 

How to set up the Okta integration?

1. Enable the Okta plugin

First and foremost, enable the Okta plugin: go to Management > Plugins in the top right corner and click on the Enable toggle button. If you don’t have access to these settings, please contact your account admin.

Tip: The user of the organization needs to use the same Countly login credentials as their organization’s Okta authentication account.

2. Steps in your Okta dev console

Note: These steps have been taken from Okta’s documentation. As they may update their product and documentation, please visit the Okta App Registration page for complete details.

Tip: You can either use an existing OpenID Connect app or create one.

2.1. In the Okta dev console, click the “Applications” tab and then “Create New Application”.

image2.png

 

2.2. Fill the “Application Settings” fields like app name and Countly domain for your organization redirect urls (e.g. https://countly.yourdomain.com/okta/login-callback for login and https://countly.yourdomain.com for logout).

image5.png

That’s all! Now you can continue the setup on Countly and easily finalize the Okta integration.

3. Installing the Okta plugin in Countly

Create and enable a config.js file from sample.config.js:

Countly-hosted installation

If your server is Countly-hosted, please contact Support and provide us with the information listed below.

module.exports = {

    orgUrl: 'https://dev-623170.okta.com', 

    clientId: '0oa16eh84vg4cHHSb4x7',

    clientSecret: 'wgyItX95EjtusUoccVhtLY2t8OvvicrVt5CHHE6v',

    apiToken: '00mmBkLFJhOiGcOsLaf--DuezUGdo_0j8abT4OO2yx',

    globalAdminGroup: 'countly-global-admin',

    baseUrl: 'https://foysal.count.ly',

};

orgUrl: can be found in the top right section of the Okta dashboard

image7.png

clientId and clientSecret fields can be found in the Okta dashboard, under the “Applications” tab.

image4.png

apiToken: create API token on Okta

image1.png

globalAdminGroup: group name, which will be the global admin of Countly and which needs these group permissions to access the user management and create groups inside Countly.

baseUrl: Countly domain for your organization.

How to use Okta in Countly?

  1. Go to Management > Users in the top right corner.
  2. Choose a user who is a member of the group which has been set up as a Global Admin Group and who can manage the Users section and create Groups. The group name of Okta and the group name of Countly should be the same.image3.png
  3. The Okta plugin does not have user-level permissions; instead, it has group-level permissions. The members of the Okta groups should match those of Countly groups for the members of the Okta group to access the Countly Dashboard. Permissions will depend on the group permission setup inside Countly to manage the Groups or Users sections. Assign users to the groups in Okta in order to match between Countly groups and Okta groups.image9.png

Tip: If you are unable to see the option of Okta integration on your Countly account, it is possible that it is not part of your package. Please reach out to your account manager or the support team to add this. If it is included in your package but you are unable to see the option, please reach out to our support team who will help you set it up.

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.