Okta (OpenID)

OpenID Provider Configuration for Okta

Review OpenID Connect (SaaS) before you begin.

The notes below describe minimal steps to be taken in Okta. You may need to adjust the steps based on the specifics of your environment.

  1. Log in to your Okta organization as a user with administrative privileges and go to the Admin dashboard.

  2. Click the Add Applications shortcut, then click the Create New App button.

  3. Select Web as the Platform type, then click OpenID Connect as the Sign-on method, then click Create.

  4. Create a new application:

    • Enter your choice of General Settings.

    • For Login redirect URIs, enter one of the following values:

      See SaaS Regions and IP Ranges and identify the correct domain URL (redirect URL) associated with your Sysdig application and region. For example, domain URLs of Monitor and Secure for US East are:

      • Sysdig Monitor: https://app.sysdigcloud.com/api/oauth/openid/auth

      • Sysdig Secure: https://secure.sysdig.com/api/oauth/openid/secureAuth

      For other regions, the format is https://<region>.app.sysdig.com.

      Replace <region> with the region where your Sysdig application is hosted. For example, for Sysdig Monitor in the EU, you use https://eu1.app.sysdig.com/api/oauth/openid/auth.

    • Click Save.

  5. You are then taken to the General tab. Take note of the Client ID and Client secret that are shown.

    You will enter them on the OpenID Configuration page in the Sysdig authentication settings.

  6. Click the Sign On tab. Take note of the Issuer URL that is shown, as it will need to be sent to Sysdig Support.

    You will enter it in the OpenID Configuration page in the OpenID settings.
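
The OpenID provider matches the redirect URI in a login request against the registered Login redirect URI as an exact string, so a trailing slash, an http scheme, or the Monitor path on the Secure host breaks sign-in. The following pre-flight check is an added example, not Sysdig or Okta code; its function names are hypothetical, and it assumes that regional hosts use the same two callback paths as the US East examples above.

```python
import re
from urllib.parse import urlsplit

# Host -> callback path pairs, copied from the US East examples on this page.
US_EAST = {
    "app.sysdigcloud.com": "/api/oauth/openid/auth",      # Sysdig Monitor
    "secure.sysdig.com": "/api/oauth/openid/secureAuth",  # Sysdig Secure
}
# Other regions use https://<region>.app.sysdig.com (e.g. eu1).
REGIONAL_HOST = re.compile(r"[a-z0-9-]+\.app\.sysdig\.com")
# Assumption: regional hosts use the same two callback paths as US East.
CALLBACK_PATHS = set(US_EAST.values())


def _url_problems(label, url):
    """Checks common to both values: https, a host, no query or fragment."""
    parts = urlsplit(url)
    problems = []
    if parts.scheme != "https":
        problems.append(f"{label}: scheme must be https")
    if not parts.netloc:
        problems.append(f"{label}: missing host")
    if parts.query or parts.fragment:
        problems.append(f"{label}: must not carry a query string or fragment")
    return problems


def check_redirect_uri(uri):
    """Return problems with a Login redirect URI; an empty list means it looks right."""
    problems = _url_problems("redirect URI", uri)
    parts = urlsplit(uri)
    host = parts.netloc  # netloc keeps port/userinfo/case, so the match is strict
    if host in US_EAST:
        if parts.path != US_EAST[host]:
            problems.append(f"redirect URI: path for {host} must be {US_EAST[host]}")
    elif REGIONAL_HOST.fullmatch(host):
        if parts.path not in CALLBACK_PATHS:
            problems.append("redirect URI: path is not a documented callback path")
    else:
        problems.append("redirect URI: host is not a Sysdig domain shown on this page")
    return problems


def check_issuer(url):
    """Return problems with the Issuer URL noted on the Sign On tab."""
    return _url_problems("issuer", url)


if __name__ == "__main__":
    # Constructed sample: trailing slash after the EU Monitor callback path.
    print(check_redirect_uri("https://eu1.app.sysdig.com/api/oauth/openid/auth/"))
```

Run it on the values you are about to enter in Okta and in the Sysdig OpenID Configuration page; any non-empty result names the field to correct.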