SELF HOSTED
/
Okta (Custom App - OnPrem)
Menu
Getting Started
What is Internal?
Dashboard
Connecting to Data Sources
Glossary
Tutorials
Tool Tutorial: Approval Queue
Tool Tutorial: Client Onboarding
Tool Tutorial: Customer Support
Datasources
AWS Lambda
Airtable
Amazon Redshift
BigQuery
Cassandra
Cloud Firestore
DynamoDB
Google Sheets
HTTP Data Source
Hubspot
Maria DB
MongoDB
MySQL
PostgreSQL
S3
SQL Server
SSH Tunneling
Salesforce
Snowflake
Stripe
Supabase
Zendesk
Functions
File Object Types
Introduction to Functions
MongoDB Functions
Data Transformation
Multi-Function Execution
Multipart Functions and Form Encoding
SQL Functions
Binary Data
Duplicating Functions
Time and Date Handling
HTTP Functions
Dynamic Parameters
Filter, Sort, Pagination (Reserved Parameters)
Spaces
Introduction to Spaces
Auto-generated Spaces
Creating and Publishing Spaces
Version History and Restore Versions
Custom Input and Form Validation
Environments
Field Configuration
How to Delete a Space
Data Display Options
Current User
URL Parameters
Visibility Rules
Queues
Introduction to Queues
Configuring Queues
Forms and Buttons in Queues
Queues Functions
Queues Permissions
Automatic Creation of Tasks
Automations
Introduction to Automations
Automations Audit Logs
Automations Dashboard
Automations Permissions
Configuring Automations
Components
Introduction to components
Bulk Action
Button
Card List
Chart
Checkbox 
Data Export
Date Time Picker
Detail
Dropdown
File Picker
Flexbox
Form
Function Component
Image
Input
JSON Input
JSON Viewer
Link
Pop-up Form
Radio Button
S3 Uploader
Stat
Table
Tag Selector
Text
Text Area
Self Hosted
Okta (Custom App - OnPrem)
OnPrem Deployment (Docker)
Settings
Auth Providers
Auth0 x Internal
Managing Data Sources
Permissioned Data Flows
Single Sign-On (SSO)
Two-Step Verification
Users
REST API
Pagination
Endpoints
API Keys

Okta (Custom App - OnPrem)

Internal OIDC supports Service Provider (SP)-Initiated Authentication and Identity Provider (IdP)-Initiated Authentication (SSO) flows.

When using the Okta OpenID integration, the Okta user's email address must match the Internal user's email address.

In Okta's Admin Portal:

  1. Login to the Okta Integration Network
  2. Select 'Create New App'
  3. Choose 'Web' for 'Platform' and 'OpenID Connect' for 'Sign on method'
  4. Select 'Create'
  5. Enter 'Internal OpenID Connect - OnPrem' for 'Application Name'
  6. Enter https://{domain}/api/sso/{externalKey}/auth/ as a 'Login redirect URI'.
  7. Select 'Save'
  8. On the 'General' tab, select 'Edit' next to 'General Settings'
  9. Under 'Allowed Grant Types', ensure that 'Authorization Code' and 'Implicit (Hybrid)' are selected.
  10. Ensure that 'Login Initiated By' is set to 'Either Okta or App'.
  11. Enter https://{domain}/api/sso/{externalKey}/login/ as the 'Initiate Login URI'.
  12. Select 'Save'
  13. Find the Client ID, Client Secret, and Okta Domain. Copy these to reference for later.

In Internal's Single Sign-On Settings:

The Internal Single Sign-On Drawer

  1. Navigate to 'Company Settings'
  2. Select the 'Security' tab
  3. Select 'Single Sign-On' to open the Single Sign-On drawer.
  4. From the Single Sign-On drawer, select 'Okta OpenID Connect' from the drop down.
  5. Referencing the values copied from the Okta Admin Portal, configure the following fields in Internal:
  6. Okta Domain
  7. Okta Client ID
  8. Okta Client Secret
  9. Click 'Save'
  10. In order to test this authentication method, navigate back to the Single Sign-On drawer and select 'Test Okta Configuration'. If everything looks good, you'll be redirected to Okta and back to the Single Sign-On drawer with confirmation.