This article aims to provide you with the resources to successfully configure some of the most common Identity Providers (Okta, Auth0) for Single Sign-On with the Intigriti platform. Specifically, we provide the most relevant knowledge base articles per Identity Provider, as well as any additional tips for easier integration with our platform.

Prerequisites

  • Configuration permission for your company's Identity Provider

  • Company admin access to your company's Intigriti platform

Configuring Okta

Please follow this Okta KB article: Create OIDC app integrations using AIW (https://help.okta.com)

Recommended options & actions

When following the guide & prompted during configuration in Okta, please select the following options:

Prompt: Recommended action

  • Sign-in method: Select ✅ 'OIDC - OpenID Connect'

  • Application type: Select ✅ 'Web application'

  • Grant type: Select ✅ 'Client Credentials'

  • Sign-in redirect URIs: Provide 'Redirect URL' from SSO > Settings portal

  • Sign-out redirect URIs: Ignore field

  • Base URIs: Ignore field

  • Controlled access: According to your company's policy

Where to find your Client ID (and Client Secret)

Once your application integration is set up, go to: Okta Admin Console > Applications > Applications > [your App integration]

Go to Client Credentials in the General tab. Your Client ID & Client Secret will be shown.

Where to find the Identity provider URL

Once your application integration is set up, go to: Okta Admin Console > Applications > Applications > [your App integration]

Go to Sign On.

Scroll down to OpenID Connect ID Token. Click Edit, and open the Issuer dropdown. Select Okta URL. The URL provided within brackets is the Identity Provider URL you will need to fill out.

Once you have gathered & configured the above information, please refer to Configuring Single Sign On (SSO) to continue SSO set-up.


Configuring Auth0

Please follow this Auth0 KB article: Auth0 Configuration (Web Apps + SSO) (https://auth0.com)

Recommended options & actions

When following the guide & prompted during configuration in Auth0, please select the following options:

Prompt: Recommended action

  • Application name: Name according to your company's needs ("Intigriti" is a great choice, however! :) )

  • Choose an application type: Select ✅ 'Regular Web Applications'

Once you've selected the application type, click Create. Your instance will be created, and you will be redirected to a Quick Start overview.

Where to find your Identity Provider URL, Client ID, and Client Secret

To continue configuration, go to Settings. Under the Basic Information section, you can find the Domain (= Identity Provider URL), Client ID, and Client Secret.

Where to add your Redirect URL

Go to the Settings tab of your Application. Scroll down to the Application URIs section to find the Allowed Callback URLs field. Add the Redirect URL provided by the Intigriti platform here, and save your changes.

Once you have gathered & configured the above information, please refer to our Configuring Single Sign On (SSO) article to continue SSO set-up.


Configuring Ping Identity

Please follow this Ping Identity knowledge base article: Add or update an OIDC application

Once you have gathered & configured the above information, please refer to Configuring Single Sign On (SSO) to continue SSO set-up.


Configuring Google Identity

Please refer to this Google Identity knowledge base article: OpenID Connect

In some instances, depending on the IdP setup, it may be necessary to refer to the IdP's /.well-known URL instead of the IdP URL itself.

Once you have gathered & configured the above information, please refer to Configuring Single Sign On (SSO) to continue SSO set-up.


Configuring Azure Active Directory

Where to find your Identity Provider URL, Client ID, Client Secret, and add your Redirect URL

1) Sign in to Azure. Navigate to Azure Active Directory.

2) In the left column, under Manage, select Enterprise Applications.

3) Select New application. You will be redirected to the Azure AD Gallery.

4) Select Create your own application.

Add a name for the application (e.g. Intigriti SSO), and indicate for application purpose: Integrate any other application you don't find in the gallery (Non-gallery).

Select Create when finished.

5) Once your application has been added, navigate back to the Azure AD Default Directory Overview. In the left pane, under Manage, select App registrations.

6) Select the application you just created.

If the application is not shown in the list, check the All applications tab.

7) On your application's Overview page, you can find your Client ID to add to your Intigriti SSO config.

8) Next, on the same Overview page, select Endpoints.

9) The URL titled OpenID Connect metadata document is your Identity Provider URL.

10) If you would like to add a Client secret, go back to the overview page of your application. In the Essentials section you'll find Client credentials. Select Add a certificate or secret.

11) Choose a name and expiry date for the Client secret. When finished, select Create.

12) Your Client secret will be displayed as Value. Make sure to store it somewhere safe, as the value will be obscured when you return later.

13) To add the Redirect URL, navigate back to your Azure AD Default Directory Overview. Select App registrations, select your application, and go to Authentication.

14) Select Add a platform. In the configuration screen, select Web application as the platform type.

15) Add the Redirect URL provided on your Intigriti SSO Settings page.

16) Success! SSO is now configured in Azure AD.

Don't forget to finish and activate your SSO configuration in the Intigriti application.

Once you have gathered & configured the above information, please refer to Configuring Single Sign On (SSO) to continue SSO set-up.
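The Identity Provider URL can be either the IdP's base (issuer) URL or its full /.well-known metadata URL, as noted in the Google Identity section and in step 9 of the Azure AD steps. The following is an added example, not Intigriti's or any IdP's own code: it normalizes both forms and sanity-checks a discovery document you have already downloaded before you paste the URL into the SSO settings. The idp.example.com URLs and sample documents are constructed, and the function names are hypothetical.

```python
from urllib.parse import urlsplit

WELL_KNOWN = "/.well-known/openid-configuration"
# Fields that OpenID Connect Discovery 1.0 marks as REQUIRED in provider metadata.
REQUIRED = ("issuer", "authorization_endpoint", "jwks_uri", "response_types_supported",
            "subject_types_supported", "id_token_signing_alg_values_supported")

def discovery_url(idp_url):
    """Accept the issuer URL or the full metadata URL; return the metadata URL."""
    base = idp_url.strip().rstrip("/")
    return base if base.endswith(WELL_KNOWN) else base + WELL_KNOWN

def check_metadata(idp_url, metadata):
    """Return a list of problems found in an already-fetched discovery document."""
    problems = [f"missing required field: {f}" for f in REQUIRED if f not in metadata]
    # The issuer in the document must match the URL the document was found under
    # (a trailing slash is tolerated here, since some IdPs include one).
    expected = discovery_url(idp_url)[: -len(WELL_KNOWN)]
    issuer = str(metadata.get("issuer", ""))
    if issuer.rstrip("/") != expected:
        problems.append(f"issuer mismatch: got {issuer!r}, expected {expected!r}")
    # Issuer, endpoints and key-set location must all be served over TLS.
    for key, value in metadata.items():
        if key == "issuer" or key.endswith(("_endpoint", "_uri")):
            if urlsplit(str(value)).scheme != "https":
                problems.append(f"{key} is not https: {value}")
    # Discovery 1.0 requires RS256 among the ID token signing algorithms.
    if "RS256" not in metadata.get("id_token_signing_alg_values_supported", []):
        problems.append("RS256 not listed for ID token signing")
    return problems

# Constructed sample documents for illustration (not real IdP output).
GOOD = {
    "issuer": "https://idp.example.com/oauth2/default",
    "authorization_endpoint": "https://idp.example.com/oauth2/default/v1/authorize",
    "token_endpoint": "https://idp.example.com/oauth2/default/v1/token",
    "jwks_uri": "https://idp.example.com/oauth2/default/v1/keys",
    "response_types_supported": ["code"],
    "subject_types_supported": ["public"],
    "id_token_signing_alg_values_supported": ["RS256"],
}
BAD = dict(GOOD, issuer="https://other.example.com", jwks_uri="http://idp.example.com/keys")

if __name__ == "__main__":
    for name, doc in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_metadata("https://idp.example.com/oauth2/default", doc))
```

An empty list means the document is consistent with the URL you entered; an issuer mismatch usually means the wrong one of the two URL forms, or the wrong tenant, was copied.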
