Overview
This guide will walk you through configuring OpenID Connect authentication with Okta for Discngine Admin Center. Once completed, users will be able to log in using their Okta credentials.
Prerequisites
Before configuring Okta OpenID Connect, ensure you have:
- Organisation Administrator access to Discngine Admin Center (if you see an "Identity Provider" section, you are an Administrator)
- Administrator access to an Okta Workforce Identity Cloud Account
- Your Okta account connected to a business email address
Okta Configuration
Step 1: Access Okta Admin Panel
- Log in to your Okta account
- Navigate to the Admin panel
Step 2: Create App Integration
- Navigate to Applications → Applications
- Click the Create App Integration button
Step 3: Select Integration Type
- Select OIDC - OpenID Connect as the sign-in method
- Select Web Application as the application type
- Click Next
Step 4: Configure Application Settings
- Enter an App integration name (e.g., "Discngine Admin Center")
- Ensure Authorization Code is checked under Grant type
- Set the Sign-in redirect URI to:
https://account.discngine.cloud/oauth2/callback - Under Assignments, select Skip group assignment for now
- Click Save
Step 5: Save Client Credentials
Once the application is created, copy the following values to a secure location:
- Client ID
- Client Secret (click to reveal)
Step 6: Configure Issuer URL
- Navigate to the Sign On tab
- Under OpenID Connect ID Token, change the Issuer to use the Okta URL
- Click Save
- Copy the Issuer URL (e.g.,
https://your-domain.okta.com)
Step 7: Assign Users
- Navigate to Directory → People
- Click on the username of the user you want to enable for authentication
- Click Assign Applications
- Click Assign next to your newly created application
- Click Save and Go Back, then Done
Configure OpenID Connect in Discngine Admin Center
Step 1: Access Identity Providers
- Log in to Discngine Admin Center as an Organization Administrator
- Navigate to Settings → Identity Providers
- Click Add Provider and select OpenID Connect
Step 2: Configure Provider Settings
Fill in the following fields:
Basic Settings:
- Name:
Okta - Client ID: Enter the Client ID from Okta
- Client Authentication Method: Select
HTTP Basic authentication (client_secret_basic) - Client Secret: Enter the Client Secret from Okta
Discovery Settings:
- Discover Endpoints: Enable this option
- Issuer URL: Enter your Okta URL (e.g.,
https://your-domain.okta.com)
Scopes:
- Scope:
openid email
Linking Strategy:
- Select
Link on email. Create the user if they do not exist
Button Customization:
- Button Text:
Login with Okta(or customize as needed) - Button Icon: Optionally add a URL to an Okta icon
Step 3: Enable for Applications
- Scroll down to the Applications section
- Enable the identity provider for your desired applications
- Toggle Create Registration to automatically register users
- Click Save
Testing the Configuration
Step 1: Access Login Page
Navigate to https://admin-<organization-name>.discngine.cloud/
Step 2: Test Login
- Enter your email address
- You should see the Login with Okta button
- Click the button
- You will be redirected to the Okta login page
- Enter your Okta credentials
- Complete any required multi-factor authentication
- After successful authentication, you'll be redirected back to Discngine Admin Center
Troubleshooting
Common Issues
Redirect URI Mismatch
- Ensure the redirect URI in Okta exactly matches:
https://account.discngine.cloud/oauth2/callback
User Not Assigned
- Verify that the user attempting to log in is assigned to the Okta application
- Check the Assignments section in your Okta application
Invalid Client Credentials
- Double-check that you copied the Client ID and Client Secret correctly
- Ensure the Client Secret hasn't been regenerated
Issuer URL Issues
- Verify you're using the correct Okta domain URL
- Ensure the URL doesn't have a trailing slash
Scope Errors
- Make sure
openidandemailscopes are configured - Verify that the scopes are enabled in your Okta application