Update Setting-up-authentication-with-Okta.md
ryannewington authored Mar 31, 2022
1 parent 6d5e223 commit 2a106fe
Showing 1 changed file with 12 additions and 12 deletions.
Expand Up @@ -4,17 +4,17 @@ The following guide will assist you in configuring your application to use Okta

## Configure a new application in Okta
1. Log into the Okta admin console with administrative credentials, select `Applications` then `Applications`
2. Click `Add application`, then `Create new app`
3. Select `Web` as the platform, and `Open ID Connect` as the sign on method
3. Enter `Lithnet Access Manager` or another suitable application name and optionally provide a logo
4. For the login redirect URI, enter the base URL where your Lithnet Access Manager app is hosted followed by `/auth/` (eg `https://accessmanager.lithnet.local/auth/`)
5. On the general settings page, click `Edit`
6. Set the logout URL to your base URL, and append `/auth/logout` to the end of it (eg `https://accessmanager.lithnet.local/auth/logout`)
7. Copy the `client ID` and `client secret` value for use later in the setup process
8. Assign the appropriate users to the app
9. Select `Directory` from the main menu bar, and select `Profile editor`. Find the `Lithnet Access Manager` app in the list, and click the `Profile` button
10. Click `Add attribute` and create a new attribute called `upn`, of data type `string`. Select both the `attribute required` and `User personal` check boxes
11. Click the `Map attributes` button. Find the UPN value, and map it to the okta attribute that contains the Active Directory UPN (eg aduser.userPrincipalName)
2. Click `Add application`, then `Create app integration`
3. Select `Open ID Connect` as the sign in method and and `Web application` as the application type
4. Enter `Lithnet Access Manager` or another suitable application name and optionally provide a logo
5. Ensure that `authorization code` is the selected grant type
6. For the sign in redirect URI, enter the base URL where your Lithnet Access Manager app is hosted followed by `/auth/` (eg `https://accessmanager.lithnet.local/auth/`)
7. Set the sign out redirect URI to your base URL, and append `/auth/logout` to the end of it (eg `https://accessmanager.lithnet.local/auth/logout`)
8. Assign the appropriate users to the app and save the new app
9. From the new app page, copy the `client ID` and `client secret` value for use later in the setup process
10. Select `Directory` from the main menu bar, and select `Profile editor`. Find the `Lithnet Access Manager` app in the list, and click the `Profile` button
11. Click `Add attribute` and create a new attribute called `upn`, of data type `string`. Select both the `attribute required` and `User personal` check boxes
12. Click the `Mappings` button. Find the UPN value, and map it to the okta attribute that contains the Active Directory UPN (eg aduser.userPrincipalName)

## Configure Lithnet Access Manager
1. Open the Lithnet Access Manager Service configuration tool
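Review bot: the new step 3 contains a duplicated word ("as the sign in method and and `Web application`"); drop the second "and". In the new step 12, "okta attribute" should be capitalised as "Okta", and the example `aduser.userPrincipalName` would read better in backticks like the other literal values in this list. Since step 9 has the reader copy the `client secret`, consider adding a short remark there that the value should be handled as a credential and not pasted into tickets or shared notes.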
Expand All @@ -25,4 +25,4 @@ The following guide will assist you in configuring your application to use Okta
<img src="../images/ui-page-authentication-oidc.png" alt=! width="1000px">

## Enable multi-factor authentication
We strongly recommend to modify your application sign-on policy to require multi-factor authentication for the use of this app.
We strongly recommend to modify your application sign-on policy to require multi-factor authentication for the use of this app.
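Review bot: the sentence under `## Enable multi-factor authentication` is being touched anyway, so fix its wording: "We strongly recommend to modify your application sign-on policy" should read "We strongly recommend modifying your application sign-on policy". The removed and added lines look identical here, so this appears to be a whitespace or end-of-file change only; worth confirming that is intended. The context line above also shows `alt=!` on the image tag, which looks like a broken alt attribute and could be corrected in the same pass.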
