Okta Identity Provider Integration
  • 06 Feb 2025

You can integrate your Okta Identity Provider (IdP) with Axiad Mesh to ensure that your users are securely logging into the portal.

The integration requires updates on both Okta and Axiad Mesh.

Okta IdP Configuration Steps

IMPORTANT

These steps are Axiad’s current understanding of the configuration. Since Okta is a third-party product, there may be slight variations between your experience and what the guide describes. We work hard to keep things as up to date as possible, but depending on versions in use, latest updates, etc., there may be some mismatches.

If you find any blatant differences or anything that does not make sense, then please provide feedback on this article.

  1. Log into your Okta administrative portal and navigate to Applications under the Applications menu

  2. Click the Create App Integration button

  3. On the Create a new app integration page, select OIDC - OpenID Connect as the Sign-in method

  4. Select Web Application as the Application Type

  5. Under General Settings on the New Web App Integration page, set the App integration name to a friendly name, e.g. Axiad Mesh

  6. Enable Client Credentials for the Grant type option

  7. Add the Sign-in redirect URI

    • The format for this is https://mesh.axiad.io/oauth2/callback?domain=<domain>

    • Replace <domain> with the name that matches the UPN domain component, e.g. acme.com for users such as johnsmith@acme.com

      • Copy this domain value as you will use it in the Axiad Mesh configuration steps as well (step 3 below)

Multiple Domain Support

You can configure multiple IdP connections in Axiad Mesh to handle multiple domains.

  8. Under Assignments, select Limit access to selected groups and then specify the group(s) that are allowed access to Axiad Mesh

    • This is an optional step, but encouraged to ensure only the users you want to access Axiad Mesh have the ability to do so

  9. Click Save

  10. Copy the following information from the Okta setup to complete the configuration in Axiad Mesh (step 5 below):

    • Okta Tenant ID

    • Client ID

    • Client Secret

Note

The Okta Tenant ID is the value without the okta- prefix, and it should not include the -admin suffix.
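
Added example, not part of the original guide and not Axiad or Okta tooling: a pre-flight check for the values gathered in the Okta steps above. It builds the redirect URI for a UPN, reports how a registered URI departs from the documented format, and applies the Tenant ID note; the function names and sample values are illustrative, and comparing the domain case-insensitively is an assumption.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Host, path and query format come from the guide; all names are illustrative.
MESH_HOST = "mesh.axiad.io"
CALLBACK_PATH = "/oauth2/callback"
_LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")


def upn_domain(upn):
    """Return the lowercased domain component of a UPN (johnsmith@acme.com)."""
    local, sep, domain = upn.strip().rpartition("@")
    labels = domain.lower().split(".")
    if not (sep and local) or len(labels) < 2 or not all(map(_LABEL.match, labels)):
        raise ValueError(f"not a valid UPN: {upn!r}")
    return ".".join(labels)


def expected_redirect_uri(upn):
    """Build the Sign-in redirect URI in the format the guide gives."""
    return f"https://{MESH_HOST}{CALLBACK_PATH}?domain={upn_domain(upn)}"


def check_redirect_uri(registered, upn):
    """List every way the URI entered in Okta departs from that format."""
    parts = urlsplit(registered.strip())
    query = [(k, v.lower()) for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    problems = []
    if parts.scheme != "https":
        problems.append("scheme must be https")
    if parts.netloc.lower() != MESH_HOST:
        problems.append(f"host must be {MESH_HOST}")
    if parts.path != CALLBACK_PATH:
        problems.append(f"path must be {CALLBACK_PATH}")
    if query != [("domain", upn_domain(upn))]:
        problems.append("query must be exactly domain=<UPN domain>")
    return problems


def normalize_tenant_id(value):
    """Apply the guide's note: no okta- prefix and no -admin suffix."""
    tenant = value.strip().removeprefix("okta-").removesuffix("-admin")
    if not tenant:
        raise ValueError("tenant ID is empty after normalization")
    return tenant


if __name__ == "__main__":  # constructed sample values, not a real tenant
    print(check_redirect_uri("http://mesh.axiad.io/oauth2/callback/", "johnsmith@acme.com"))
```

An empty list from check_redirect_uri means the registered URI matches the documented format for that user's domain.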

Axiad Mesh Configuration Steps

Note

You can integrate your Okta IdP with Axiad in the initial onboarding process as the primary IdP, or as a secondary IdP after you have configured another IdP as the primary IdP.

For more information about the initial onboarding process, please review the Axiad Mesh Admin Onboarding Guide.

Initial Onboarding Configuration

If you are adding Okta as your primary IdP during your initial onboarding, then complete the following steps.

  1. After clicking on the access link from the Axiad Mesh welcome email, you will be prompted to set up your primary IdP

  2. Set the Domain to the domain value included in the Okta URI value in step 7 above

  3. Select Okta Single-sign-on from the Provider dropdown

  4. Fill in the fields with the values copied from the Okta configuration (step 10 above)

  5. On the next screen, set the Admin groups based on which users you would like to be Axiad Mesh admins when logging in with Okta

Okta Group Limitations

Only users that are in the groups included in step 8 above can access Axiad Mesh, so for any groups you add here, be sure that they are members of any group limitations made in Okta.

  6. Click Continue and then you’ll be logged into the Axiad Mesh portal for the first time

Secondary IdP Configuration

If you already have your initial IdP connected and need to add a new one or you need to replace the existing one, then you can connect your Okta IdP from the Axiad Mesh administrative portal.

  1. From the homepage, click on the gear icon to get to the Settings page

  2. Select Identity providers from the left-hand menu and click + Add identity provider

  3. On the Add identity provider page, set the Domain to the domain value included in the Okta URI value in step 7 above

  4. Select Okta Single-sign-on from the Provider dropdown

  5. Fill in the fields with the values copied from the Okta configuration (step 10 above)

  6. Set the Admin groups based on which users you would like to be Axiad Mesh admins when logging in with Okta

Okta Group Limitations

Only users that are in the groups included in step 8 above can access Axiad Mesh, so for any groups you add here, be sure that they are members of any group limitations made in Okta.

  7. Once the fields are filled out, click Test Connection

  8. Upon a successful test, click Add & Connect

  9. Once completed, you’ll see the new IdP listed on the Identity providers page

