Okta SSO
In this guide, you’ll learn how to set up Okta SSO in Coalesce.
In the documentation, <app_domain>
signifies the domain you should utilize, corresponding to the Coalesce region you're operating in. The examples provided, such as app.coalescesoftware.io
, app.eu.coalescesoftware.io
, or app.australia-southeast1.gcp.coalescesoftware.io
, are illustrative and not comprehensive. There may be additional domain variations to accommodate various regional deployments.
To ensure you're using the correct domain, always check the URL in the address bar once you're logged into the Coalesce application for your specific region's domain.
Configure Okta SSO
To use Okta as your Single Sign-On provider, you'll want to create a new App Integration in Okta. To do this, take the following steps:
-
Open the admin panel for your Okta organization
-
Click on Applications. You should now be at a screen that looks like the following screenshot.
-
Click on Create App Integration
-
You'll be presented with a window with options like the following screenshot. Select OIDC - OpenID Connect as the Sign-in method and Single-Page Application as the Application Type and then create the new app integration.
-
On the settings page for this newly created integration, enter the following:
- App Integration Name - this is typically going to be
Coalesce
but any friendly name works - Sign-in redirect URI - by default this is
http://localhost:8080/login/callback
which you'll want to change tohttps://mySubdomain.<app_domain>/login/callback
.mySubdomain
is typically the name of your organization.- Create a subdomain if one hasn’t already been defined for your organization. We recommend choosing a name specific to your organization. If the Subdomain box in your Single Sign-On Settings is blank, you need to create a subdomain for your organization.
- Controlled Access - select whichever setting is appropriate for your organization
- App Integration Name - this is typically going to be
-
Click Save. You'll now be at a window with all your App Integration settings. Keep this browser tab open as you'll need to enter some information from it into Coalesce.
-
Open a new browser tab/window
-
Sign in to your Coalesce application using username and password
-
Go to Single-Sign on settings via User Menu Org Settings Single Sign-On.
-
Fill out the fields using the following table:
Field Description Authority The system being used for Single Sign On, choose Okta. Subdomain This will be the same as mySubdomain
. Not the entire redirect URI.Authorization Server Refer to the URL you use for your Okta account. Your Authorization Server will be the base URL. For example: https://<yourcompany>.okta.com
OIDC clientID This will be the same as the Client ID field in the settings of your Okta app integration. -
Once you've filled out the SSO settings in Coalesce, click Save
-
Log out of Coalesce
-
Go to your SSO URL, which will be formatted like -
https://mySubdomain.<app_domain>
- and click on the Use Single Sign-On button to log in using SSO.
If instead of a button you see an error message, check to make sure you correctly entered all the fields in your Coalesce SSO settings. If the problem persists please reach out to our Support Team.