Okta (OpenID Connect)

Owned by Karl Henselin
Last updated: Feb 24, 2023
2 min read

This guide will help you configure Okta and FlexDeploy to work together with OpenID for SSO.

Replace capitalized text in the sample sso.config file with appropriate values. You will need to define an application in your Okta console and update values in the configuration file as shown below.

  • OKTACLIENTID - get this value from Okta application configuration.

  • OKTACLIENTSECRET - get this value from Okta application configuration.

  • OKTADOMAIN - get this value from your Okta domain details.

  • FLEXDEPLOYHOST - FlexDeploy application host

  • FLEXDEPLOYPORT - FlexDeploy application port

Example fdsso.config file for Okta (OpenID Connect)

Change log

  • FlexDeploy 6.0.0.0 - The values for callbackFilter.defaultUrl, excludedPathMatcher.excludedPath, and logout.defaultUrl have changed

callbackFilter.defaultUrl = /flexdeploy/next/#/home oidcConfig = org.pac4j.oidc.config.OidcConfiguration oidcConfig.clientId = OKTACLIENTID oidcConfig.secret = OKTACLIENTSECRET oidcConfig.discoveryURI = https://OKTADOMAIN.okta.com/.well-known/openid-configuration oktaClient = org.pac4j.oidc.client.OidcClient oktaClient.configuration = $oidcConfig clients.callbackUrl = https://FLEXDEPLOYHOST:FLEXDEPLOYPORT/flexdeploy/callback clients.clients = $oktaClient isAuthenticatedAdmin = org.pac4j.core.authorization.authorizer.IsAuthenticatedAuthorizer excludedPathMatcher = org.pac4j.core.matching.matcher.PathMatcher excludedPathMatcher.excludedPath = /next/#/login config.authorizers = admin:$isAuthenticatedAdmin config.matchers = excludedPath:$excludedPathMatcher ssoFilter = flexagon.fd.ui.security.FlexPac4jFilter ssoFilter.config = $config ssoFilter.clients = OidcClient ssoFilter.matchers = nocache ssoFilter.authorizers = admin logout = io.buji.pac4j.filter.LogoutFilter logout.config = $config logout.localLogout = true logout.centralLogout = true logout.defaultUrl = https://FLEXDEPLOYHOST:FLEXDEPLOYPORT/flexdeploy/next/#/home

Here is what configuration looks like in Okta.

The following macros are not currently supported in the footer:
  • style