Okta OpenID SSO

<< Click to Display Table of Contents >>

Navigation:  Technical specifications >

Okta OpenID SSO

Important!

For Intellek to continue to support you and your LMS, we offer the ability for Users to login via a separate login page. External Contacts with prior access to the LMS will also need to use this separate login page.

Intellek has already or will establish a test environment for testing your SSO connection prior to enabling SSO on your live LMS instance. Before proceeding with the following steps insure you have your test site and your live site URIs handy.

Your LMS must have all user data imported prior to setting up Okta.

Users’ Login in the LMS (User_Identifier in the import) MUST match their Okta User name 

Need more guidance?  Contact support@Intellek.io.

Configure Okta with OpenID for Intellek LMS

1. From the dashboard click "Create App Integration"

Okta-dashboard

 

2. In the Create a new app integration dialogue, select OIDC - OpenID Connect and Web application,  then click the NEXT button

Create-new-app-integration

3. General Settings

Fill in the App integration name

Upload a logo, as desired

Ensure Implicit (hybrid) is checked

Add the Sign-in redirect URI. Redirect URIs will be https://[Intellek_LMS_URL]/authorization-code/callback where [Intellek_LMS_URL] is your LMS url. We require testing OKTA SSO in a test environment prior to make the switch to your live site. First add your test site URI in the field provided for testing. You can add your live site URI in the "Add URI" area or once your test site has been tested, you can change the primary URI to your live site URI.

Select who will have access to the application in the Assignments section as required

Click Save

New-app-details-1

 

4. Once the application has been created you will be able to access the following which you will need to send to the Intellek support team (support@intellek.io) in order for us to update the application configuration.

Client ID

Client secret

Okta domain.

 Copy/paste these to a safe place as you may need to refer to them at a later date.

App-post-creation-1

5. Confirm the application is set up correctly:

Application type: Web

Grant Type: Client acting on behalf of a user (ensure the following are checked)

oAuthorization Code

oImplicit (hybrid)

oAllow ID token with implicit grant type

oAllow Access token with implicit grant type

App-post-creation-2

Configuring the LMS to use Okta OpenID

 

1.Your users’ Login in the LMS (User_Identifier in the import) MUST match their Okta Username

2.Contact Intellek Support (support@Intellek.io) with the following information from your Okta portal from step 4 above.

Client ID

Client secret for the above application

Okta Domain e.g. https://{{okta account name }}.okta.com

Intellek will configure your LMS instance with the above settings