Setting up Okta OIDC - OpenID Connect SSO

Perform the following steps to allow users to sign in via Okta. This is a two-step process that requires setup in both Okta and the Perimeters application.

Step 1: Set up Okta to get 'Client ID' and 'Client Secret'.

  • Go to your Okta Administrator Portal with the required credentials.

  • Navigate to Applications -> Applications, from the left side panel.

  • Click “Create App Integration”.

  • Select “Sign-in method” value as “OIDC - OpenID Connect”.

  • Select “Application type” value as “Web Application”, and click next.

  • Assign a suitable “App Integration Name”.

  • Select “Grant type” value as “Client Credentials”.

  • Fill in the Sign-in redirect URI and the Sign-out redirect URI.

  • Scroll down to Assignments and select “Skip group assignment for now” and click save.

  • Copy 'Client Id' and 'Secret Key' under 'Client Credentials' and 'Client Secrets'.

  • Also note the Issuer URL:

    • Okta provided - You will find this in the Account dropdown at the top right corner.

    • Custom - You will find this in Customizations -> Domain.
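
A pre-flight check for the Issuer URL noted above, as an added example that is not part of the original instructions or of Okta's or Perimeters' own code: it applies the OpenID Connect Discovery rule that the `issuer` value in the provider metadata must equal the configured Issuer URL exactly. The hostnames and sample metadata are constructed placeholders, and the same-host check on the endpoints is an assumption.

```python
import json
import urllib.request
from urllib.parse import urlsplit

REQUIRED_ENDPOINTS = ("authorization_endpoint", "token_endpoint", "jwks_uri")

def discovery_url(issuer):
    # OIDC Discovery: metadata lives at <issuer>/.well-known/openid-configuration
    return issuer.rstrip("/") + "/.well-known/openid-configuration"

def fetch_discovery(issuer, timeout=10):
    # Live lookup of the metadata; not used by the offline sample below.
    with urllib.request.urlopen(discovery_url(issuer), timeout=timeout) as resp:
        return json.load(resp)

def check_issuer(issuer, doc):
    """Return a list of problems; an empty list means the issuer is consistent."""
    problems = []
    parts = urlsplit(issuer)
    if parts.scheme != "https" or not parts.hostname:
        problems.append("issuer must be an https URL with a host")
    if parts.query or parts.fragment:
        problems.append("issuer must not carry a query string or fragment")
    # The metadata's issuer must be the exact string that was configured.
    if doc.get("issuer") != issuer:
        problems.append(f"issuer mismatch: metadata says {doc.get('issuer')!r}")
    for key in REQUIRED_ENDPOINTS:
        ep = urlsplit(doc.get(key) or "")
        if ep.scheme != "https":
            problems.append(f"{key} missing or not https")
        elif ep.hostname != parts.hostname:
            # Assumption: endpoints are served from the issuer's own host.
            problems.append(f"{key} is on a different host: {ep.hostname}")
    return problems

# Constructed sample metadata; login.example.com is a placeholder custom domain.
SAMPLE_DOC = {
    "issuer": "https://login.example.com",
    "authorization_endpoint": "https://login.example.com/oauth2/v1/authorize",
    "token_endpoint": "https://login.example.com/oauth2/v1/token",
    "jwks_uri": "https://login.example.com/oauth2/v1/keys",
}

if __name__ == "__main__":
    print(check_issuer("https://login.example.com", SAMPLE_DOC))   # consistent
    print(check_issuer("https://login.example.com/", SAMPLE_DOC))  # trailing slash
    print(check_issuer("https://example.okta.com", SAMPLE_DOC))    # org URL, custom-domain metadata
```

A mismatch here usually means the Okta-provided URL was noted while the org serves metadata under a custom domain, or the reverse.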

Step 2: Set up Perimeters with required configuration parameters.

  • Select 'Setup

  • Go to the 'Provide your Issuer URL' tab if you have followed the previous instructions to create Client ID and Client Secret. Paste the Issuer URL.

  • Paste the previously generated Client ID and Client Secret under Client ID and Secret Key, select Next, and continue to Claim Domain.

  • Enter the domain name used by users; it's essential for the correct redirection flow.

    • To validate the entered domain, Perimeters will perform a DNS challenge. Populate a new TXT record with Name and Value as shown in DNS configurations. This is an essential prerequisite to enable SSO on the domain.

  • Select 'Default SSO roles' and click Done.

Enable the domain for SSO.
