Okta integration using OpenID Connect Provider (OIDC)


For more detailed integration steps, see Keycloak with Okta OpenID Connect Provider.

Follow these steps to integrate Okta using OIDC:

  1. Ensure you have completed the steps in Simple login flow.

  2. Start creating the OIDC Identity Provider integration in Keycloak.

  3. In Okta, create a new OpenID Connect application integration and enter the PUBLIC redirect URI (make sure it is not a localhost address) as the login URL in the Okta form.

  4. Copy the Client ID and Client Secret from Okta into the Keycloak configuration.

  5. Under Client Authentication, select Client Secret Sent as POST.

  6. By default, use https://{OKTA-DOMAIN}/oauth2/default/v1/authorize and https://{OKTA-DOMAIN}/oauth2/default/v1/token as authorization and token endpoints, respectively.

  7. Set openid profile email as the default scopes.
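
The settings from steps 3 to 7 can be checked before the first login attempt. The following is an added example, not part of the original guide or of Keycloak or Okta: a small Python check run over an identity provider in the shape Keycloak's admin API exports. The sample domain, realm, alias, redirect URI and credentials are constructed placeholders, and the function names are hypothetical.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample: an OIDC identity provider as Keycloak's admin API represents it.
# Domain, realm, alias, client ID and secret are placeholders, not values from this guide.
SAMPLE_IDP = {
    "alias": "okta", "providerId": "oidc",
    "config": {
        "clientId": "EXAMPLE_CLIENT_ID",
        "clientSecret": "EXAMPLE_CLIENT_SECRET",
        "clientAuthMethod": "client_secret_post",  # "Client Secret Sent as POST"
        "authorizationUrl": "https://example.okta.com/oauth2/default/v1/authorize",
        "tokenUrl": "https://example.okta.com/oauth2/default/v1/token",
        "defaultScope": "openid profile email",
    },
}
SAMPLE_REDIRECT = "https://sso.example.com/realms/demo/broker/okta/endpoint"


def is_public_https(url):
    """True if url is https and its host is not localhost or a non-global IP."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if parts.scheme != "https" or not host or host == "localhost" or host.endswith(".localhost"):
        return False
    try:
        return ipaddress.ip_address(host).is_global
    except ValueError:
        return True  # a DNS name; name resolution is not checked here


def check_idp(idp, redirect_uri, okta_domain):
    """Return a list of deviations from the steps above (empty list means none)."""
    cfg = idp.get("config", {})
    base = f"https://{okta_domain}/oauth2/default/v1"
    problems = []
    if not is_public_https(redirect_uri):
        problems.append("redirect URI is not a public https URL")
    if not cfg.get("clientId") or not cfg.get("clientSecret"):
        problems.append("client ID or client secret missing")
    if cfg.get("clientAuthMethod") != "client_secret_post":
        problems.append("client authentication is not client_secret_post")
    for key, path in (("authorizationUrl", "authorize"), ("tokenUrl", "token")):
        if cfg.get(key) != f"{base}/{path}":
            problems.append(f"{key} differs from the Okta default")
    missing = {"openid", "profile", "email"} - set(cfg.get("defaultScope", "").split())
    if missing:
        problems.append("default scopes missing: " + " ".join(sorted(missing)))
    return problems
```

An empty list from `check_idp` means the configuration matches the defaults in this guide; a custom Okta authorization server would legitimately report different endpoints.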