Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Current »

For users to Authenticate with Okta, an Okta administrator must first provision an application to communicate with GlobalSearch.  

Okta Application Setup

These initial setup steps will need to be performed by your Okta administrator.

  1. From the Applications page in Okta Admin, create a new App.
  2. Your application's Platform should be Web and Sign on method should be OpenID Connect.



  3. In General Settings, give the Application a name, and provide a logo.  We recommend an application specific name like GlobalSearch.  Application names will display on the user's App landing page, so using a name that let's the user know what application they will be loading is helpful.  The Square 9 logo can be downloaded here for customers that wish to use it.



  4. In Configure OpenID Connect, provide the Login Redirect URI's for your GlobalSearch instance.  Note, these are case sensitive in Okta, so we recommend you provide both case variants outlined here.  The redirect URI represents the login page to your specific GlobalSearch instance.  For most customers, this would be the server name or FQDN, followed by /square9web/login.html.

  5. Save the Application.
  6. Edit General Settings and modify the Allowed grant types.  Check Client Credentials, Refresh Token, Implicit (Hybrid), Allow ID Token with implicit grant type, and Allow Access Token with implicit grant type.



  7. In the Login section, modify Login initiated by to Either Okta or App.  If users access the App landing page in Okta, you can also enable Display application icon to users here.



  8. Save any changes and the Okta side of the provisioning is complete for authentication.  Note, environments that wish to leverage SCIM for account and group creation tasks will need to separate setup a SCIM as well.  With the application setup complete, the Okta admin will be able to provide both the Client ID and the Okta domain in use for the application.  Your GlobalSearch administrator will need these details when setting up GlobalSearch to send Authentication requests to Okta.  These details can be taken from the Client Credentials and General Settings of the application that was configured.

User Assignment

With the GlobalSearch Application created in Okta, users can be added on the Assignments tab.

Matching user accounts must exist in GlobalSearch, and those users must be secured to GlobalSearch objects to be considered authorized.

  • No labels