To use Single Sign-On (SSO) authentication via OKTA for RoboHelp Server, configure the OKTA settings in the SSO section of the Configuration Manager. The description of the required fields are as follows:
- OKTA Base URL
The domain of your organization's OKTA server authentication; For example,
In the URL, replacehttps://{yourOktaDomain}.{yourOktaDomain}with your organization’s base URL.OKTA allows you to create multiple Custom Authorization Servers within a single Okta org that you can use to protect your own resource servers. Within each authorization server, you can define your own custom OAuth 2.0 scopes, claims, and access policies to support authorization for your APIs.
- OKTA Issuer
The URL to an Okta Authorization Server; for example, the default authorization server address is
https://{yourOktaDomain}/oauth2/default.
- Redirect URI Pathname
- The redirect URI pathname specifies the location where OKTA
returns a browser after the user finishes authenticating with their
Identity Provider. The redirect URL is fixed, based on the context
name, which is always "
<context-name>/admin/index.html".
- Response Type
- The Response Type determines which flow is used. The
token(required) andid_token(optional) are currently supported for verification of authentication. For example, if you wish to use token and id_token, then this field should be specified as token, id_token. - ClientID
- The ClientID of the OKTA application is used for authentication.
- Scope
- The scope of the OKTA parameters, determine the claims that
are returned in the
id_token. This includes the scopes that you want to request authorization for and separate each by a space. You can request any of the standard scopes, such as email, profile and openid.