Using Okta for Social Sign On


Do you want your users to sign in to your CrowdFunding platform via an identity provider that they may already be using, such as Facebook, LinkedIn, Google, Apple, Microsoft, or Okta? This tutorial covers how to set up the Okta SSO (Social Sign On) feature on the Atlas white label CrowdFunding platform.

Okta is the identity provider service that you need in order to add the identity providers mentioned earlier. Signing up for Okta and setting it up is mandatory if you want users to sign in to the platform with the other providers.

Step 1. Sign up for Okta

Go to developer.okta.com to sign up for a new account. Be sure NOT to sign up for an okta.com account, as the pricing for these accounts is different and they also provide a different dashboard user interface.

Click on the Sign Up button

Step 2. Enable the Okta feature

Log into your Atlas platform as a portal admin and do the following:

Go to the admin dashboard –> Portal Settings –> Website Settings –> Social Login –> Enable Social Login.

Okta Social Sign On Feature

As you can see, you will need to paste information into the fields as shown above in order to connect with Okta and enable this feature.

You may also see the Enable Okta Iframe feature. This is designed for those who are going to be using the Sedra widget on another website. If you are not using the Sedra widget, this is not needed.

Step 3. Create a new application on Okta

Once you have created the developer Okta account, you will need to create a new application on Okta. Simply log into Okta and go to the admin dashboard. Next, click on Applications.

Applications option in the left menu

You can create the new application by clicking on the blue Add Application button.

Add application

You will be directed to another page. On this page, click on the blue Create New App button in order to create the new app.

Create New App

You will then need to choose the type of app that you want to create.

Choose Single Page App (SPA).

Choose the SPA option

Click create.

Now that you have created the new app, you will need to add the correct Login/Logout URIs. This will be your Atlas URL. For example, if your platform is hosted on https://crowdfunding.atlas.thrinacia.com, then you should add this URL.

PLEASE NOTE: if you are using or planning to use the Sedra widget, you will also need to add the URL of the page that you are hosting the widget on. If it is hosted in an iframe, you will need to inspect the element, find the source, and use the base URL and the first directory. The URL could look something like this: https://crowdfunding.com/pages. If you are experiencing any issues, you can contact Thrinacia support by emailing support@thrinacia.com.

Add the URI's

You can then save the new application.

Step 4. Add the Client ID and Okta Domain into Atlas

Now that you have created a new SPA, paste both the Client ID and the Okta domain into the Atlas social login settings.

Okta Application UI

First, you will need to copy the Client ID and paste it into the Atlas dashboard.

Once you have done that, you can then copy the Okta domain and paste it into the Atlas dashboard.

PLEASE NOTE that you will need to include https:// when pasting the Okta domain into the Atlas dashboard.

Step 5. Create and paste the new API token

Now that you have the client ID and Okta domain added into the Atlas dashboard, you will need to add the API token from Okta. To do this, go back to the Okta admin dashboard.

Click on the Security item in the left menu, then click on the API option.

API option in security drop down

Click on the Tokens tab, then click on the Create Token button.

Tokens Tab

Add a name for the new token.

Add the name for the token

You will be presented with the one-time API Token. Copy this and paste it into the Atlas dashboard.

PLEASE NOTE if you have a custom login URL for Okta, you will need to make sure that this custom login URL is reflected in the issuer area when going to Okta API –> Security –> API –> edit the default API (click on blue pencil icon) –> Issuer URL. If you have not created a custom URL for Okta login then this does not apply to you.

Step 6. Adding Claims

Since you are already on the API page, click on the Authorization Servers tab, then click on the edit button (blue pencil icon).

Click on the edit pencil icon

Next, click on the Claims tab, then Add Claim.

Add the claims

You will need to add 2 claims: the first name and the last name. Please see the screenshots below for the correct configuration.

First Name Claim
Last Name Claim

Remember to save the claims.

Step 7. Adding groups

You will need to add the users that you would like Okta to use for the app. In this example, we will be using everyone. Go back to the SPA app by clicking on the Applications item in the left menu.

Then click on the assignments tab. Here you can assign users to the app.

Click on the Assign drop down

Choose Assign to Groups, then click on the Assign button to assign everyone.

Add everyone to the app
Now everyone is assigned

That's it! You have now connected Okta to your platform.
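The checks below are an added example, not part of the original tutorial and not Atlas or Okta code. They validate the values entered in Steps 3 to 6 and show how a custom login URL that is not reflected in the Issuer URL surfaces as an issuer mismatch in an ID token. The function names, the /oauth2/default issuer path, the claim names firstName and lastName, and every sample value are assumptions.

```javascript
// Added example; function names, claim names and sample values are assumptions.

// Step 3 note: widget redirect URI = base URL + first directory of the iframe source.
function widgetRedirectUri(iframeSrc) {
  const u = new URL(iframeSrc);
  const first = u.pathname.split('/').filter(Boolean)[0];
  return first ? `${u.origin}/${first}` : u.origin;
}

// Steps 3-4: validate what is pasted into Okta (URIs) and Atlas (domain, Client ID).
function checkSettings({ oktaDomain, clientId, redirectUris }) {
  const problems = [];
  if (!/^https:\/\/[^/\s]+/.test(oktaDomain)) problems.push('Okta domain must include https://');
  if (!clientId || /\s/.test(clientId)) problems.push('Client ID is empty or has whitespace');
  for (const uri of redirectUris) {
    try {
      if (new URL(uri).protocol !== 'https:') problems.push(`not https: ${uri}`);
    } catch {
      problems.push(`not a URL: ${uri}`);
    }
  }
  return problems;
}

// Steps 4-6: decode an ID token payload for diagnosis only (no signature check)
// and compare issuer, audience and the two name claims with the configuration.
function checkIdToken(jwt, { issuer, clientId, nameClaims }) {
  const payload = JSON.parse(Buffer.from(jwt.split('.')[1], 'base64url').toString('utf8'));
  const problems = [];
  if (payload.iss !== issuer) problems.push(`issuer mismatch: ${payload.iss}`);
  if (![].concat(payload.aud).includes(clientId)) problems.push(`audience mismatch: ${payload.aud}`);
  for (const c of nameClaims) if (!payload[c]) problems.push(`missing claim: ${c}`);
  return problems;
}

// Constructed sample token with a placeholder signature, for this demo only.
function sampleToken(payload) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64url');
  return `${enc({ alg: 'RS256' })}.${enc(payload)}.sig`;
}

const settings = {
  oktaDomain: 'https://dev-000000.okta.com', // constructed placeholder
  clientId: '0oaEXAMPLE', // constructed placeholder
  redirectUris: ['https://crowdfunding.atlas.thrinacia.com',
    widgetRedirectUri('https://crowdfunding.com/pages/widget/index.html')],
  issuer: 'https://dev-000000.okta.com/oauth2/default', // assumed default authorization server
  nameClaims: ['firstName', 'lastName'], // assumed claim names from Step 6
};
```

An empty array from either check means the values are consistent. checkIdToken only reads the payload, so it is a configuration diagnostic and not a substitute for the signature validation done at sign-in.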

Now that you have followed the above steps and have successfully connected Okta to your platform, you can try adding one of the following identity providers: