Before you start
Things you need to know:
This article is part of a process. Start with the article Set up Single Sign-On (SSO) for your account, and we will direct you to this article at the correct point in the process.
1. Create a new app
Log in to your Okta tenant admin.
Go to Applications > Applications.
Select Create App Integration.
For Sign-in method, select OIDC - OpenID Connect.
For Application type, select Web application.
This takes you to the Create OpenID Connect App Integration form.
2. Set up your Okta application and find Client ID and Client server
From the Create OpenID Connect App Integration form, you can set up your Okta app and find your Client ID and Client server:
Under GENERAL SETTINGS, for Application name, enter a name for your application.
Use a name that's easy to identify, such as Dotdigital.
For Grant type, select Authorization Code and Refresh Token.
For Sign-in redirect URIs, select + Add URI, and enter
You don't need to enter a value for Sign-out redirect URIs or the Trusted Origins section.
For Assignments, select the policy that matches your security requirement.
To get started quickly, you might want to Allow everyone in your organization to access.
This takes you to the general settings of your application.
Under the heading Client Credentials, copy the Client ID and save it for later.
Copy the Client secret and save it for later.
Under General Settings, copy your Okta domain and save it for later.
3. Find your Well-known endpoint
In Okta, the Well-known endpoint is called the Metadata URI. To find the Metadata URI:
From the top menu, go to Security > API.
Find the Authorisation server you want to use, and select the Edit icon.
Under Settings, find the Metadata URI, and copy the URI and save it for later.
The metadata URI is your well-known endpoint.
You now have all the information you need to set SSO up on your account.