Okta

Use these instructions to set up Okta as your SSO provider for Tonic Structural.

Okta configuration

You complete the following configuration steps within Okta:

Create a new application. Choose the OIDC - OpenId Connect method with the Single-Page Application option.
Click Next, then fill out the fields with the values below:
- App integration name: The name to use for the Textual application. For example, Textual, Textual-Prod, Textual-Dev.
- Grant type: Implicit (hybrid)
- Sign-in redirect URIs: <base-url>/sso/callback
- Sign-out redirect URIs: <base-url>/sso/logout
- Base URIs: The URL to your Textual instance
- Controlled access: Configure as needed to limit Textual access to the appropriate users
After saving the above, navigate to the General Settings page for the application and make the following changes:
- Grant type: Uncheck Allow Access Token with implicit grant type.
- Login initiated by: Either Okta or App
- Application visibility: Check Display application icon to users
- Initiate login URI: <base-url>

Textual configuration

After you complete the configuration in Okta, uncomment and configure the following environment variables in Textual.

For Kubernetes, in values.yaml:

# Okta SSO Config
# -----------------
#oktaAuthServerId: <customer auth server if you have one>
#oktaClientId: <client-id>
#oktaDomain: <sso-domain>
#oktaIdentityProviderId: <identity-provider-id>

For Docker, in .env:

#SOLAR_SSO_OKTA_CLIENT_ID=#<FILL IN>
#SOLAR_SSO_OKTA_DOMAIN=#<FILL IN>
#SOLAR_SSO_OKTA_IDENTITY_PROVIDER_ID=#<FILL IN>

Last updated 24 days ago