Setup Okta SSO

A Complete Guide

To set up Okta SSO, follow the instructions below.

Contents

  1. Requirements

  2. Supported Features

  3. Okta Configuration Steps
  4. Logging Into OpenPolicy Using Okta

1. Requirements

  • Admin access to an Okta organization.

2. Supported Features

  • Service Provider (SP)-Initiated Authentication (SSO) Flow: This authentication flow occurs when the user attempts to log in to the application from OpenPolicy.
  • SCIM Provisioning
    • Push Users.
      Users in Okta that are assigned to the OpenPolicy application in Okta are automatically added as members to your organization in OpenPolicy.
    • Delete Users.
      Users in Okta that are unassigned from the OpenPolicy application in Okta are automatically deleted as members of your organization in OpenPolicy.
    • Update Users.
      Updates to user information (e.g. first name, last name) in Okta are automatically reflected in the OpenPolicy application.

3. Okta Configuration Steps

  1. In Okta, navigate to Applications → Browse App Catalog, search for and add OpenPolicy.
    During the installation you will be required to add a "subdomain" variable. Request it from OpenPolicy support.

  2. If you intend to use SCIM, go to the "Provisioning" tab and check the boxes in this photo:


Also, when using SCIM, go to Provisioning → Integration.

Go to the "API Token" field and fill it in. You should receive the token from OpenPolicy support.

4. Assign the users that should be able to log into OpenPolicy:

  1. Go to the OpenPolicy App → Assignments tab
  2. Click the “Assign” button
    • Choose People if you wish to give specific people access to OpenPolicy.
    • Choose Group if you want to give access to OpenPolicy to anyone in a specific group.
  3. Anyone who is assigned via Okta should be included in a list of emails sent to your OpenPolicy representative so that they can be configured to work.
    1. If you use SCIM, you do not need to send us a list of emails; this is done automatically.
  4. Go to Applications → OpenPolicy and provide your OpenPolicy representative with the following:
    1. Okta Domain
    2. Client ID
    3. Client Secret
    4. Company email domain (for example, if your users have an email like joe@example.com, send us example.com)

5. Logging Into OpenPolicy Using Okta

  1. After being invited to OpenPolicy or created via SCIM, go to https://app.openpolicy.co/
  2. You will be prompted for your email. You must use your organizational email that was included in the list above or was assigned via SCIM.

That’s it. Should any questions arise, don’t hesitate to contact your OpenPolicy representative.