Authorization

Authorize this connector by creating a connection to your Okta account. You can reuse this connection the next time that you build a flow with this connector.

If you want to create a connection for the current Okta org, see Create a connection from the current Okta org.

If you want to create a connection to a different Okta org, see Authorize an account from another Okta org.

For additional information, see Guidance for Okta connector.

Create a connection from the current Okta org

To authorize the connector:

  • You must be assigned to the Okta Workflows OAuth app.

  • You must have super admin credentials.

    In addition to the initial authorization of the connector, reauthenticating this connection requires an account with super admin privileges.

  1. In the Okta Workflows Console, go to Connections.

  2. Click New Connection to see a list of all available connectors.

  3. Select the Okta connector.

  4. In the New Connection window, enter a Connection Nickname. This is the display name that appears in your connections list.

  5. Enter Domain. This is your Okta org domain, without the https:// prefix. For example, atko.okta.com.

  6. Enter the Client ID and Client Secret. You can retrieve these values through the Okta Workflows OAuth application:

    1. In the Admin Console, go to ApplicationsApplications.

    2. Open the Okta Workflows OAuth application.

    3. Click the Sign On tab and copy and paste the Client ID and Client secret values in your Okta connection details.

  7. Click Create.

The new connection appears in the Connections list.

Authorize an account from another Okta org

To create a connection for an Okta org different from your current org, follow these steps:

  1. Create an OpenID Connect web app in the target Okta org.

  2. Configure the OpenID Connect web app.

  3. Authorize an account from the target Okta org.

If you want to create a connection for the current Okta org, see Create a connection from the current Okta org.

Create an OpenID Connect web app in the target Okta org

  1. In the Admin Console, go to ApplicationsApplications.

  2. Click Create App Integration.

  3. In the Create a new app integration window, select OIDC - OpenID Connect for the Sign-on Method, and set the Application type to Web application.

  4. Click Next.

  5. On the New Web App Integration page, enter your Application name. This is the display name shown for your app.

  6. Enter the Sign-in redirect URIs for the app. Enter the URI for the location where the app resides, not the target org. For example, to connect to an Okta preview org from a production org, use https://oauth.workflows.okta.com/oauth/okta/cb.

  7. Click Save.

The app is created and appears on the Applications page.

Configure the OpenID Connect web app

  1. In the Admin Console, go to ApplicationsApplications.

  2. Select your newly created application.

  3. On the General tab, click Edit.

  4. In the Allowed Grant Types list, select Refresh Token.

  5. Click Save.

  6. Select the Assignments tab, and then click Edit.

  7. Assign the app to the appropriate users. You can assign it to individual people or to groups.

    The user must have continuous super admin privileges.

  8. Save your assignments.

  9. On the Okta API Scopes tab, grant consent for the scopes required for your use cases. See List of available scopes.

  10. Click Save.

The app is now configured and an assigned user can create a connection for this org.

Authorize an account from the target Okta org

To perform this procedure:

  • You must be assigned to the OpenID Connect web app created in the previous procedures.

  • You must have super admin credentials.

    In addition to the initial authorization of the connector, reauthenticating this connection requires an account with super admin privileges.

You also need the following information for authorizing your Okta account:

  • Domain: Your Okta org domain. If the URL of your Okta org is https://yourcompany.okta.com, then your domain is yourcompany.okta.com.

  • Client ID and Client Secret: These are the client ID and client secret values found in your OAuth app. To find these values:

    1. In the Admin Console, go to ApplicationsApplications.

    2. Open the Your OpenID Connect web app application.

    3. Click the Sign On tab and copy and paste the Client ID and Client secret values in your Okta connection details.

  1. In the Okta Workflows Console, go to Connections.

  2. Click New Connection to see a list of all available connectors.

  3. Select the Okta connector.

  4. In the New Connection window, enter the Connection Nickname. This is the display name that appears in your connections list.

  5. Enter Domain, Client ID, and Client Secret values.

  6. Click Create.

The new connection appears in the Connections list.

Related topics

Okta connector

Workflow elements

Guidance for Okta connector

Okta API documentation