README.md
Lines changed: 12 additions & 9 deletions
@@ -89,16 +89,17 @@ urlpatterns = [
89
89
90
90
In the Okta admin console create your application with the following steps:
91
91
92
-
1. Click `Create New App`
93
-
2. Choose the `Web` platform
94
-
3. Choose the `OpenID Connect` Sign on method
95
-
4. Click the `Create` button
92
+
1. Click `Create New Create App Integration`
93
+
2. Choose the `OIDC - OpenID Connect` Sign on method
94
+
3. Choose the `Web Application` type
95
+
4. Click the `Next` button
96
96
5. Give the application a name and choose a logo if desired
97
97
6. Add the URL to the login view as defined in the previous section, eg. `http://localhost:8000/accounts/login/`
98
-
7. Click the `Save` button
99
-
8. In the General Settings of the application click edit and check `Authorization Code` and the `Refresh Token` under `Allowed grant types`.
100
-
9. Save the settings
101
-
10. Take note of the `Client ID` and the `Client secret` in the Client Credentials for use in the next section. It is important to note that the `Client secret` is confidential and under no circumstances should be exposed publicly.
98
+
7. Select your preferred Controlled access type
99
+
8. Click the `Save` button
100
+
9. In the General Settings of the application click edit and check `Authorization Code` and the `Refresh Token` under `Grant type`.
101
+
10. Save the settings
102
+
11. Take note of the `Client ID` and the `Client secret` in the Client Credentials for use in the next section. It is important to note that the `Client secret` is confidential and under no circumstances should be exposed publicly.
102
103
103
104
### Django Okta Settings
104
105
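Review bot: the new step 1 reads "Click `Create New Create App Integration`", which looks like the old label `Create New App` merged with the new one; it should probably be just `Create App Integration`. In the same list, the new step 7 ("Select your preferred Controlled access type") gives no guidance, although this choice decides which users in the org can sign in to the application. One sentence saying what the options mean, and recommending that access be limited to the users or groups that need it, would help. Step 9 now says `Grant type` while the removed line said `Allowed grant types`; worth confirming the label matches the current console exactly, since the steps are followed literally.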
@@ -180,6 +181,8 @@ A minimal template for the login could be:
180
181
</html>
181
182
```
182
183
184
+
If you use this template, then you also need to add your server as a Trusted Origin in the Okta admin console. Navigate to `Security/API/Trusted Origins`, click `Add origin` and select at least `CORS` and `Redirect`.
185
+
183
186
## Settings Reference
184
187
185
188
**_ORG_URL_**:
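Review bot: the added Trusted Origins sentence says to select "at least `CORS` and `Redirect`" but never says which origin value to enter or why the template requires it. Suggest stating that the origin is the scheme, host and port of the server hosting the login view (for the example in step 6 that would be `http://localhost:8000`) and that only that exact origin should be added, since every trusted origin is allowed to make cross-origin calls to the Okta org. A short clause explaining that the template calls Okta from the browser would also tell readers who do not use the template that they can skip this step.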
@@ -202,7 +205,7 @@ _str_. The Client Secret provided by your Okta Application.
202
205
203
206
_str_. The scopes requested from the OpenID Authorization server. At the very least this needs to be `"openid profile email"` but if you want to use refresh tokens you will need `"openid profile email offline_access"`. This is the default.
204
207
205
-
If you want Okta to manage your groups then you should also include `groups` in your scopes.
208
+
If you want Okta to manage your groups then you should also include `groups` in your scopes. In that case, make sure your authorization server has the `groups` scope enabled. You can do so by navigating to `Security/API/Authorization Servers`, editing the default server, and adding the `groups` scope.
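Review bot: the new sentence on the `groups` scope tells the reader to edit "the default server", which assumes the application is using the default authorization server. Suggest wording it as "the authorization server your application uses (the default one unless you configured another)" so the scope is added where the tokens are actually issued. Because group membership from the token will then drive permissions on the Django side, it is also worth a note that the `groups` scope should only be enabled when Okta is meant to be the source of truth for groups.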