AdministrationSSO

Use Okta for SSO

This guide will walk you through the process of creating an app in Okta and integrating it into Method Platform’s auth service for SSO. Under the hood Method Platform uses Keycloak as its auth service.

Setup Okta

Log into your Okta organization as an administrator and navigate to the Admin Console.

Create a new App Integration

In the Admin Console, navigate to Applications > Applications in the left sidebar.

Click Create App Integration.

Configure the App Integration

On the Create a new app integration dialog, select OIDC - OpenID Connect as the Sign-in method.

Select Web Application as the Application type.

Click Next.

Configure App Settings

On the New Web App Integration page, enter Method Platform as the App integration name.

In the Sign-in redirect URIs section, enter the Redirect URI which should be: https://keycloak.<codename>.method.delivery/realms/method/broker/okta/endpoint.

Codename

Make sure to replace <codename> in the URI above.

For Assignments, select the appropriate option based on your organization’s needs. You can choose to allow all users or limit to specific groups.

Click Save.

Get Client Credentials

After saving, you’ll be redirected to the app’s general settings page.

Scroll down to the Client Credentials section.

Copy the Client ID - you’ll need this later.

Copy the Client secret by clicking the copy icon - you’ll need this later.

Client Secret Security

The client secret should be treated as sensitive information. If you need to retrieve it later, you can regenerate a new secret from this page.

Share Information with your Method Mission Ops team

There will be three pieces of information you need to share with your Method Mission Ops team:

  1. The Client Secret copied in the previous step
  2. Your Okta domain (Issuer URI)
  3. Client ID

Get Okta Domain (Issuer URI)

Your Okta domain is typically in the format: https://<your-org>.okta.com or https://<your-org>.oktapreview.com for preview environments.

You can find this in the top-right corner of the Admin Console, or in the app settings under Okta domain.

The full Issuer URI that you’ll share is: https://<your-org>.okta.com

Send three pieces of information to Method Mission Ops team

Ensure that this information is sent securely:

  1. Client Secret
  2. Okta domain (Issuer URI)
  3. Client ID

Test login

Once you are notified by your Method Mission Ops team, you should see a new Okta option when logging into Method Platform.