Okta SSO Integration Guide
Overview
DevGrid uses Auth0 as its authentication platform. To enable SSO with your Okta tenant, we connect Okta as an enterprise identity provider via OpenID Connect (OIDC). The setup requires a few minutes of configuration in the Okta Admin Console and no changes to your existing user directory.
What you will do:
- Create an OIDC app integration in Okta
- Configure the redirect URI
- Assign users or groups
- Send three values to DevGrid
What DevGrid will do:
- Configure the Okta connection on our side
- Enable it for your organization's DevGrid tenant
- Confirm the connection is working
Step 1: Create an App Integration in Okta
- Sign in to your Okta Admin Console
- Navigate to Applications > Applications
- Click Create App Integration
- Select:
- Sign-in method: OIDC - OpenID Connect
- Application type: Web Application
- Click Next
Step 2: Configure the Application
On the New Web App Integration page, fill in the following:
| Setting | Value |
|---|---|
| App integration name | DevGrid (or your preferred name) |
| Logo | Optional |
| Grant type | Authorization Code (should be selected by default) |
| Sign-in redirect URIs | See below |
| Sign-out redirect URIs | Leave blank (or ask DevGrid if needed) |
| Controlled access | Choose based on your policy (see Step 3) |
Sign-in Redirect URI
DevGrid will provide you with the exact redirect URI for your tenant. It follows this format:
https://auth.devgrid.io/login/callbackImportant: Contact your DevGrid representative for the exact redirect URI before creating the app. Using the wrong URI will prevent SSO from working.
Click Save.
Step 3: Assign Users or Groups
After creating the app, control who can sign in to DevGrid:
Option A: Assign to everyone
- Under Assignments, select "Allow everyone in your organization to access"
Option B: Assign specific groups or users
- Under Assignments, select "Limit access to selected groups" or assign individual users
- Navigate to the Assignments tab of the app and add the relevant groups or users
Only users assigned to this application in Okta will be able to SSO into DevGrid.
Step 4: Collect the Required Values
After saving the app, navigate to the General tab of the application. You will need three values:
| Value | Where to Find It |
|---|---|
| Client ID | General tab > Client Credentials section |
| Client Secret | General tab > Client Credentials section (click the eye icon to reveal) |
| Okta Domain | Your Okta organization URL, e.g. yourcompany.okta.com |
Your Okta domain is the base URL you use to access the Okta Admin Console, without https:// and without any trailing path. For example:
yourcompany.okta.comyourcompany.oktapreview.com(if using a preview/sandbox environment)
Step 5: Send Values to DevGrid
Share the following with your DevGrid contact:
| Item | Example |
|---|---|
| Okta Domain | yourcompany.okta.com |