How To Set Up Your Own Okta App (OpenID Connect)

Last updated 11/23/2021

Step 1

Log in to your Okta account as an Administrator.

Step 2

In the left navigation, click the Applications dropdown, then click on Applications.

Step 3

On the Applications page, click Add Application then Create App Integration.

Step 4

  • For Sign on method, select OIDC - OpenID Connect.
  • For Application type, select Web Application.
  • Click Next.
Step 4

Step 5

  • For Application Name, use your organization’s name.
  • For Sign-in Redirect URIs, enter: https://api.breadbutter.io/callback
Step 5

Step 6

  • Under Assignments, select the best controlled access option to suit your needs.
  • Click Save.
Step 6

Step 7

Optional - complete this step if your site will need a Refresh Token from Okta:
  • Go to the General tab.
  • Click Edit next to General Settings.
  • Enable Refresh Token.
  • Click Save.
Note: This setting can be updated at any time.
Step 7

Step 8

At the top of the General tab, take note of the Client ID and Client Secret for the Bread & Butter setup below.
Step 8

Step 9

Take note of your Okta account URL/Base URL (eg: https://company1.okta.com/). You can find this on the Sign On tab, as the Issuer field under OpenID Connect ID Token.

Step 10

Add your users to the App.

Step 11

Bread & Butter Setup:

  1. Go to https://app.breadbutter.io/sign-in/
  2. Click Sign In and authenticate (or Sign Up make a new account and authenticate).
  3. Navigate to Providers, then to Default Rules (or Domain Rules and open/create a domain module).
  4. Click on the Okta button under Enterprise Identity Providers.
  5. Choose OpenID Connect for the protocol.
  6. Enter a name.
  7. Enter a description (optional).
  8. Using your Okta account URL/Base URL, enter the Login URL as:[BASEURL]/oauth2/v1/authorize(eg: https://company1.okta.com/oauth2/v1/authorize)
  9. Enter the Token URL as:[BASEURL]/oauth2/v1/token(eg: https://company1.okta.com/oauth2/v1/token)
  10. Enter your Client ID and Client Secret from the Okta Steps above.
  11. Click Save & close.
  12. Enable Okta by clicking the new entry in the Okta Identity Providers list.
Step 11