Logging in with Single Sign-On (SSO) through Okta
All Tera users have the ability to configure a default Identity Provider to power Single Sign On (SSO). This article details how to configure Okta as the primary Identity Provider to facilitate SSO with the Tera application.
Requirements
In order to proceed with configuring login with SSO through Okta, you must:
- Have access to an Okta tenant
- Be an Okta administrator to that tenant
- Have received a Welcome to Tera email invitation
If you have not received a Welcome to Tera email invitation, please email support@tera.cloud to request an invite.
Configuration Steps
The following documents the configurations for setting up the OIDC integration between Tera and Okta. Okta is the Identity Provider (IDP) and depending on the use case, the user will be redirected to Okta for authentication if no session has been established.
- Login to your organization’s Okta tenant and select the
- Navigate to Applications > Applications > Add Application, search for Tera, and then click Add.
- Enter an Application Label in General Settings. This is the name under which the Tera app will appear in your Okta dashboard.
- Click Done.
- Then under the Sign On tab of the Tera application, copy the Client ID
- Under the General tab, find the Okta Domain (or Issuer URL), which is the URL at which you are accessing your Okta tenant (https://example.okta.com). This URL also appears in the Embed Link section. Be sure to remove everything appearing after okta.com. In Tera, fill this in under the issuer field.
- Before leaving Okta, ensure you have given yourself and any other target users access to the Tera application. You can do this by going to Applications > Tera > Assign and then assigning to either the target people or group.
Configure SSO in Tera
- Login into Tera Portal
Use the URL: https://app.qa.tera.cloud/#/system/login
- Settings
Click on “Settings” menu after landing into the Tera portal
- Information
Click on “Okta” tab under the “Preferences” tab when you land settings page
Paste the issuer address and client id in the text box.
- Save Information
For saving the client id and issuer address, click on “Submit” button
- Create User
You can create user accounts which need to access okta.
In this page click on “Add New User”