Textual configuration (self-hosted)

On a self-hosted instance, after you complete the configuration in Okta, uncomment and configure the relevant environment variables in Textual.

The Textual configuration requires some values from the configuration in Okta. For more information, go to Getting the required values for the Textual configuration.

Kubernetes

For Kubernetes, the settings are in the Okta SSO Config section of values.yaml:

# Okta SSO Config
# -----------------
#oktaAuthServerId: <customer auth server if you have one>
#oktaClientId: <client-id>
#oktaDomain: <sso-domain>
#oktaIdentityProviderId: <identity-provider-id>
#oktaGroupFilterRegex: <regular expression to identify allowed groups>
#oktaUsePKCEFlow: <true to use PKCE. Otherwise false.>

• oktaAuthServerId - If you created a custom authorization server, the server ID. If you do not use a custom authorization server, then you can omit this.

• oktaClientId - The client identifier of the application.

• oktaDomain - The Okta domain.

• oktaIdentityProviderId - If you use a third-party provider, the provider identifier. If you do not use a third-party provider, you can omit this.

• oktaUsePKCEFlow - Whether to use the recommended Okta PKCE authorization flow. Default is false. To use the PKCE flow, make sure that your Okta configuration uses the Authorization Flow and Refresh Token grant types.

Docker

For Docker, the settings are in .env:

• SOLAR_SSO_OKTA_CLIENT_ID - The client identifier of the application.

• SOLAR_SSO_OKTA_DOMAIN - The Okta domain.

• SOLAR_SSO_OKTA_IDENTITY_PROVIDER_ID - If you use a third-party provider, the provider identifier. If you do not use a third-party provider, then you can omit this.

• SOLAR_SSO_OKTA_USE_PKCE - Whether to use the recommended Okta PKCE authorization flow. Default is false. To use the PKCE flow, make sure that your Okta configuration uses the Authorization Flow and Refresh Token grant types.