Okta SSO configuration
      Back to home
      1. Knowledge Base
      2. ACCOUNT SETTINGS
      3. Okta SSO configuration

      How To Set Up Okta SSO

       

      Attention
      Setting up SSO and Directory Sync requires two consecutive steps:

      Step 1: Connect your OKTA directory with Wizer

      Step 2: Configuring the SCIM Automatic user provisioning

       


      Step 1: Connect your OKTA directory with Wizer

      1. Create a New App in the Okta admin portal

      As an Okta administrator, log in to your organization’s Okta Developer console here:

      https://login.okta.com/

      Please make sure you’re logged in to the admin portal

       

      Click Applications  Create App Integration

       

      Choose OIDC - OpenID Connect and Web Application  Next

       

      2. Please enter the following under Application Settings:

      General Settings

      Application name: Wizer

      Sign-on redirect URLs: https://api.wizer-training.com/api/v1/sso/okta/callback

      Please select Skip group assignment for now or select based on your organizational settings

      Click Save and click Edit on the Application Page General Settings.

       

      Check the following boxes:

      Allowed Grant Types:

      Authorization Code

      Implicit (Hybrid)

      Allow ID Token with implicit grant type

      Login initiated by:

      Either Okta or App

      Application visibility:

      Display application icon to users

      Login flow:

      Redirect to app to initiate login (OIDC Compliant)

      Initiate login URL: https://api.wizer-training.com/api/v1/sso/okta/callback

      Click Save.

       

      3. Settings in Wizer Application

      Copy Client ID, and Client Secret and paste them to settings in Wizer Application (https://admin.wizer-training.com/settings/single-sign-on)

      Paste the Okta Domain from your Okta Org URL (Do not include https:// or the trailing slash!). Your org URL will look like this:

      Example: mycompany.okta.com

      Click Save.

       

      4. Assign users in Okta

      Assign users to the Wizer application in Okta based on your organizational settings, so they can have access to it. 

      Please make sure the user assignment is the same when you configure SCIM automatic provisioning.

      5. Test your Okta login

      Log out if you are logged in Employee App (https://app.wizer-training.com). In the Wizer admin panel, click your SSO Link in the Okta tab https://admin.wizer-training.com/settings/single-sign-on.

      You will be redirected to the Employee App.

      Click Log in.

       

      You will be redirected to your Okta login web page. Enter your Okta credentials. You should be redirected back to the Wizer Employee App and should be Signed In.





      Step 2: Configuring the SCIM Automatic user provisioning

      Now you can request a SCIM bearer token and configure (click the link below to proceed with step 2 which opens in a new tab)

      Okta SCIM - Automatic User Provisioning

      You may also Enforce SSO. This feature allows configuring SSO user access to Wizer. When SSO is not enforced the users can sign in to Wizer with SSO and password by using the reset password flow. This is considered a security issue, as it contradicts the very essence of the SSO application. Now as an Admin you can Enforce SSO in Wizer UI and forbid password usage for SSO users. Non-SSO users will still be able to log in with the password.

       

      Any questions? Please contact our support specialists at support@wizer-training.com.

      Best regards,

      wizer_logo_dark