Setting up Okta OIDC - OpenID Connect SSO

Perform the following steps to allow users to sign in via Okta. This is a two-step process that requires setup in both Okta and the Perimeters application.

Step 1: Set up Okta to get 'Client ID' and 'Client Secret'.

  • Go to your Okta Administrator Portal with the required credentials.

  • Navigate to Applications -> Applications, from the left side panel.

  • Click 'Create App Integration'.

  • Select 'Sign-in method' value as 'OIDC - OpenID Connect'.

  • Select 'Application type' value as 'Web Application', and click 'Next'.

  • Assign a suitable 'App Integration Name'.

  • Select 'Grant type' value as 'Client Credentials'.

  • Fill in the Sign-in redirect URI and the Sign-out redirect URI.

  • Scroll down to Assignments, select 'Skip group assignment for now', and click 'Save'.

  • Copy 'Client Id' and 'Secret Key' under 'Client Credentials' and 'Client Secrets'.

  • Also note the Issuer URL -

    • Okta provided - you will find this in the Account dropdown at the top right corner.

    • Custom - you will find this in Customizations -> Domain.

Step 2: Set up Perimeters with required configuration parameters.

  • Go to: 'https://app.perimeters.io/dashboard/overview' -> Select Profile Avatar on top right corner -> Account Settings -> WORKSPACE -> SSO.

  • Select 'Setup SSO Connection'

  • Select 'Okta' under OpenID, which will open a guided view.

  • Click 'Next' and move to the fourth step. Scroll down to the 'Issuer URL' field, enter your Okta instance URL as the value (for example, example.okta.com), and click 'Next'.

  • Paste the previously generated Client ID and Client Secret under Client ID and Secret Key, click 'Next' -> 'Continue to claim domain'.

  • Add your domain name in the 'Domain Name' field and click 'Proceed'.

  • Copy the TXT record values and add them to your domain. Once added, click 'Validate' -> 'Proceed'. Please note that it can take a couple of minutes for the records to take effect and for the domain to validate.

  • Select 'Default SSO roles' and click 'Done'

NOTE: Only the Admin role is required, but if any read-only users are present, select Readonly as well.

Once this process is complete, assign the users to 'Perimeters SSO' from Okta.
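
The Issuer URL noted in Step 1 and entered in Step 2 can be checked against the OIDC discovery document before it is saved. The Python below is an added example, not code from Perimeters or Okta; the function names and the sample discovery document are constructed for illustration, and it assumes the endpoints are served from the same host as the issuer.

```python
import json
from urllib.parse import urlsplit

# Constructed sample of the JSON served at
# https://example.okta.com/.well-known/openid-configuration (trimmed, illustrative).
SAMPLE_DISCOVERY = json.loads("""{
  "issuer": "https://example.okta.com",
  "authorization_endpoint": "https://example.okta.com/oauth2/v1/authorize",
  "token_endpoint": "https://example.okta.com/oauth2/v1/token",
  "jwks_uri": "https://example.okta.com/oauth2/v1/keys"
}""")

ENDPOINT_KEYS = ("authorization_endpoint", "token_endpoint", "jwks_uri")


def normalize_issuer(value):
    """Canonicalize the value typed into the 'Issuer URL' field."""
    value = value.strip()
    if "://" not in value:
        value = "https://" + value  # the page's example omits the scheme
    parts = urlsplit(value)
    if parts.scheme != "https" or not parts.hostname or "@" in parts.netloc:
        raise ValueError("issuer must be a plain https URL")
    if parts.query or parts.fragment:
        raise ValueError("issuer must not carry a query or fragment")
    port = f":{parts.port}" if parts.port else ""
    return f"https://{parts.hostname}{port}{parts.path.rstrip('/')}"


def discovery_url(issuer):
    """OIDC Discovery location for the given issuer."""
    return normalize_issuer(issuer) + "/.well-known/openid-configuration"


def check_discovery(issuer, doc):
    """Return a list of problems; empty means the document fits the issuer."""
    expected = normalize_issuer(issuer)
    problems = []
    if doc.get("issuer") != expected:  # OIDC Discovery requires an exact match
        problems.append(f"issuer is {doc.get('issuer')!r}, expected {expected!r}")
    host = urlsplit(expected).hostname
    for key in ENDPOINT_KEYS:
        url = urlsplit(str(doc.get(key, "")))
        if url.scheme != "https":
            problems.append(f"{key} is missing or not https")
        elif url.hostname != host:  # assumption: endpoints share the issuer host
            problems.append(f"{key} is on {url.hostname}, not {host}")
    return problems
```

To check a live tenant, fetch the address returned by `discovery_url()` and pass the parsed JSON to `check_discovery()`.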
