# Okta configuration

To enable Okta as your SSO provider for Tonic Textual, you first complete the following configuration steps within Okta:

1. Create a new application. Choose the **OIDC - OpenId Connect** method with the **Single-Page Application** option.

<figure><img src="https://3072847115-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FvOPn7KQptPWmS5iKg5P0%2Fuploads%2F2Jv03DY4LGMeVKxmXFSL%2FOktaNewAppIntegration.png?alt=media&#x26;token=427b47bd-f7f1-4bc6-bfa9-8dc4821fe78a" alt=""><figcaption><p>Create a new app integration</p></figcaption></figure>

2. Click **Next**, then fill out the fields with the values below:
   * **App integration name:** The name to use for the Textual application. For example, Textual, Textual-Prod, Textual-Dev.
   * **Grant type:** **Implicit (hybrid)**
   * **Sign-in redirect URIs:** For self-hosted instances, `<base-url>/sso/callback/okta`.

     For Textual Cloud, on the **Permission Settings** page, the sign-in redirect URL is displayed on the **Single Sign-On** tab. Copy the value from there and paste it into the field.
   * **Base URIs:** The URL to your Textual instance
   * **Controlled access:** Configure as needed to limit Textual access to the appropriate users

<figure><img src="https://3072847115-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FvOPn7KQptPWmS5iKg5P0%2Fuploads%2FT7sSvbtwI1vlOX87CLV7%2FOktaGeneralSettings.png?alt=media&#x26;token=3972a473-6068-49a1-bee3-01d84b2ab3ab" alt=""><figcaption><p>App integration settings</p></figcaption></figure>

3. After saving the above, navigate to the **General Settings** page for the application and make the following changes:
   * **Grant type:** Check **Implicit (Hybrid)** and **Allow ID Token with implicit grant type**.
   * **Login initiated by:** Either **Okta** or **App**
   * **Application visibility:** Check **Display application icon to users**
   * **Initiate login URI:** `<base-url>`

<figure><img src="https://3072847115-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FvOPn7KQptPWmS5iKg5P0%2Fuploads%2FrbFPSfdRVTKa76vxXnyy%2FOktaApplicationLogin.png?alt=media&#x26;token=57bd2b60-1b64-4086-b817-b28daafac81e" alt=""><figcaption><p>Application settings</p></figcaption></figure>

<figure><img src="https://3072847115-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FvOPn7KQptPWmS5iKg5P0%2Fuploads%2Ftkzus47T88z2AILC7XcJ%2FOktaLoginSettings.png?alt=media&#x26;token=4945e512-b598-4ee7-97d8-cd757f983dc5" alt=""><figcaption><p>Login settings</p></figcaption></figure>

4. Make a note of the following values that must be provided to Textual:
   * Client ID of the application:

     ![](https://3072847115-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FvOPn7KQptPWmS5iKg5P0%2Fuploads%2Fkj3p1Db8CDPnsbQZnG45%2FOktaClientIDHighlighted.png?alt=media\&token=b6ba616b-034f-460e-9e37-6f6981079c6b)
   * Your Okta domain (for example, `tonic.okta.com`)
   * If you created a custom authorization server for Textual, the server ID:

     ![](https://3072847115-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FvOPn7KQptPWmS5iKg5P0%2Fuploads%2F6HKUFAFNH3epvA1XVQHK%2FOktaAuthServerIDHighlighted.png?alt=media\&token=c37f340d-4f97-4000-ac29-d67d19bc433e)
   * IdP ID (if you use an outside identity provider):

     ![](https://3072847115-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FvOPn7KQptPWmS5iKg5P0%2Fuploads%2FTxXuzGirI3PtSwnUvoxX%2FOktaIdPIDHighlighted.png?alt=media\&token=68bdb1cc-1c64-40ca-ae74-2786619779e8)
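
The values from steps 2 and 4 can be checked before you enter them in Textual, using the OIDC discovery document that Okta serves at `<issuer>/.well-known/openid-configuration`. The following Python is an added example, not code from Tonic or Okta; the function names, the `textual.example.com` host, the `ausEXAMPLE` server ID, the sample discovery document, and the https-only policy are assumptions made for illustration.

```python
from urllib.parse import urlsplit

CALLBACK_PATH = "/sso/callback/okta"  # sign-in redirect path from step 2


def redirect_uri(base_url):
    """Build the self-hosted sign-in redirect URI from <base-url>."""
    u = urlsplit(base_url.strip())
    # Policy chosen for this example: the ID token is delivered to this URI,
    # so require https and an exact host with no wildcard, query or fragment.
    if u.scheme != "https" or not u.hostname or "*" in u.netloc:
        raise ValueError(f"unsafe base URL: {base_url!r}")
    if u.query or u.fragment:
        raise ValueError(f"base URL must not carry a query or fragment: {base_url!r}")
    return f"https://{u.netloc}{u.path.rstrip('/')}{CALLBACK_PATH}"


def issuer(okta_domain, auth_server_id=None):
    """Issuer for the org server, or for a custom authorization server."""
    d = okta_domain.strip().lower()
    if not d or "/" in d or ":" in d:
        raise ValueError(f"expected a bare domain such as tonic.okta.com: {okta_domain!r}")
    return f"https://{d}/oauth2/{auth_server_id}" if auth_server_id else f"https://{d}"


def check_discovery(doc, expected_issuer):
    """Compare an OIDC discovery document with the settings from steps 2-4."""
    problems = []
    if doc.get("issuer") != expected_issuer:
        problems.append(f"issuer mismatch: {doc.get('issuer')!r}")
    if "implicit" not in doc.get("grant_types_supported", []):
        problems.append("implicit grant not advertised")
    if not any("id_token" in r.split() for r in doc.get("response_types_supported", [])):
        problems.append("no response type returns an ID token")
    return problems


# Constructed sample of a discovery document (not real Okta output).
SAMPLE_DOC = {
    "issuer": "https://tonic.okta.com/oauth2/ausEXAMPLE",
    "grant_types_supported": ["authorization_code", "implicit", "refresh_token"],
    "response_types_supported": ["code", "id_token", "code id_token", "id_token token"],
}

if __name__ == "__main__":
    print(redirect_uri("https://textual.example.com/"))
    print(check_discovery(SAMPLE_DOC, issuer("tonic.okta.com", "ausEXAMPLE")))
```

An empty list from `check_discovery` means the issuer built from the Okta domain and server ID matches the document and the server advertises the implicit grant with an ID token response type.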
