Okta

Use these instructions to set up Okta as your SSO provider for Tonic Structural.

Okta configuration

You complete the following configuration steps within Okta:

1. Create a new application. Choose the OIDC - OpenId Connect method with the Single-Page Application option.

2. Click Next, then fill out the fields with the values below:

   • App integration name: The name to use for the Textual application. For example, Textual, Textual-Prod, Textual-Dev.

   • Grant type: Implicit (hybrid)

   • Sign-in redirect URIs: <base-url>/sso/callback/okta

   • Sign-out redirect URIs: <base-url>/sso/logout

   • Base URIs: The URL to your Textual instance

   • Controlled access: Configure as needed to limit Textual access to the appropriate users

3. After saving the above, navigate to the General Settings page for the application and make the following changes:

   • Grant type: Check Implicit (Hybrid) and Allow ID Token with implicit grant type.

   • Login initiated by: Either Okta or App

   • Application visibility: Check Display application icon to users

   • Initiate login URI: <base-url>

Textual configuration

After you complete the configuration in Okta, uncomment and configure the following environment variables in Textual.

For Kubernetes, in values.yaml:

# Okta SSO Config
# -----------------
#oktaAuthServerId: <customer auth server if you have one>
#oktaClientId: <client-id>
#oktaDomain: <sso-domain>
#oktaIdentityProviderId: <identity-provider-id>

For Docker, in .env:

#SOLAR_SSO_OKTA_CLIENT_ID=#<FILL IN>
#SOLAR_SSO_OKTA_DOMAIN=#<FILL IN>
#SOLAR_SSO_OKTA_IDENTITY_PROVIDER_ID=#<FILL IN>