Configure Single Sign On with OKTA (OpenID Connect)
The following features are supported:
- Service Provider (SP)-Initiated Authentication (SSO) Flow
All accounts can use OKTA OpenID Connect for Single Sign On to both platform and security centre applications.
Configuration within the CultureAI platform is currently performed by the support team, you will need to provide the following information (which you can obtain following the configuration steps below):
|Okta Domain||The base domain or Custom URL you use for OKTA (e.g. clientsubdomain.okta.com)|
|Client ID||This is OpenID Public Identifier from the application configuration panel.|
|Client Secret||This is the token used by the CultureAI platform to generate authorization tokens.|
In your OKTA control panel, select "Applications > Applications" from the side-menu and "Browse App Catalog" from the Applications screen.
Search for and add the CultureAI application:
In the application options, open the General Tab:
Once you have the client ID and Client Secret, please reach out to the CultureAI support team and we will activate Single Sign On.
Once Single Sign On has been enabled, authentication can be triggered through one of the following routes:
- Clients using a custom URL (e.g. securitycentre.yourdomain.com) will automatically have their users redirected to OKTA and logged into the platform if authenticated.
- Clients using the default URL (e.g. securitycentre.culture.ai), users will be redirected to OKTA once they enter their email address and press login.
Known Issues / Troubleshooting
There are no known issues with the OKTA configuration, however please reach out to the CultureAI support team if you have any issues or questions.