Skip to content
  • There are no suggestions because the search field is empty.

How do I use the Okta integration?

What is Okta? Okta is a trusted identity and access management platform that helps organizations securely manage user authentication and authorization. More than 10,000 organizations use Okta software and APIs to provide secure access to their applications and systems.

How does POINT integrate with Okta? 

POINT integrates with Okta to provide secure and seamless login experiences for organizations that already use Okta for authentication.

If your organization uses Okta to access internal systems or other web applications, you can use the same credentials to log in to POINT. This enables Single Sign-On (SSO), allowing users to access POINT without creating or managing separate login credentials.

How to set up an Okta Integration: 

Access or create your Okta account

If your organization already uses Okta:

  • Go to your organization’s Okta login page.

  • Sign in using your existing credentials.

If you need to create an Okta account (free trial):

  • Visit the Okta sign-up page.

  • Complete all required fields.

  • Click “Start free trial”

  • Verify your Okta account via the confirmation email.

  • Follow Okta instructions until your profile is fully activated.

If you would like to learn more about how to use Okta, refer to the official Okta documentation.


Accordion: Add POINT to Okta (SPA)

Follow the steps below to add POINT as a Single-Page Application (SPA) in Okta.

1. Log in to the Okta Admin

  • Log in to your Okta account.

  • Select your organization (if prompted).

  • In the top-right corner, click “Admin” to open the Admin Console 

You must have administrator access in your organization to complete this setup.

 


2. Navigate to Applications

  • Follow the intermediate steps to clarify the information (if prompted).
  • From the left-hand navigation menu, click “Applications”
  • From the dropdown, select “Applications” again.


3. Create a new app integration

On the Applications page, click “Create App Integration”


4. Configure the sign-in method

  • In the Sign-in method section, select “OIDC – OpenID Connect”

  • When prompted to choose the application type, select “Single Page Application”

  • Click “Next”

5. Complete the “New Single-Page App Integration” form

After clicking Next, the “New Single-Page App Integration” form will open.

  • In the App integration name field, you may rename the application to “POINT SPA Integration” or keep the default name.

6. Configure Grant Types

Under Grant type, select the following options:

  • Authorization Code
  • Refresh Token

Next:

  • Expand the Advanced section.
  • Under Other grants, select Interaction Code.”


⚠️ Important: Interaction Code option not visible?

If the Interaction Code checkbox does not appear, it means the Interaction Code grant type is not enabled for your Okta organization.

To enable it:

  1. In the Okta Admin, go to Settings > Account.
  2. Locate Embedded widget sign-in support.
  3. Enable this setting.
  4. Return to Applications > Create App Integration and repeat the previous steps.

7. Configure Redirect URIs

Scroll down to the “Sign-in and Sign-out redirect URIs” section.

Sign-in redirect URI
  • Under Sign-in redirect URIs, click “Add URI”
  • Enter the following value: https://dash.pointapp.org/login/callback

Note: If any URIs are already listed, do not remove them. Simply add the URI above.

Sign-out redirect URI
  • Under Sign-out redirect URIs, click “Add URI”
  • Enter the following value: https://dash.pointapp.org

Note: If any URIs are already listed, do not remove them. Simply add the URI above.

Trusted Origins
  • Under Trusted Origins, Base URIs click “Add URI”
  • Enter the following value: https://dash.pointapp.org

8. Configure Assignments

Under Assignments and Controlled access:

  • Select “Allow everyone in your organization to access.”

Ensure Enable immediate access remains unchecked if you want to assign the app to specific groups or users later.

9. Save the configuration

Click “Save” to complete the setup.

 

Add POINT to Okta (Native App)

Follow these steps to add POINT as a Native Application in Okta.

1. Access Applications

  • In the Okta Admin, go to the left-hand menu and click Applications.
  • From the dropdown, select Applications again.
  • On the Applications page, click “Create App Integration”

2. Configure the sign-in method

  • In the Sign-in method section, select “OIDC – OpenID Connect”
  • When prompted for the application type, select “Native Application”
  • Click Next

3. Complete the “New Native Application Integration” form

  • In the App integration name field, rename the application to “POINT Native App Integration” or keep the default name.
  • Under Grant type, select:
    • Authorization Code
    • Refresh Token
  • Expand the Advanced section.
  • Under Other grants, select Interaction Code”

Note: If the Interaction Code checkbox does not appear, it means this grant type is not enabled for your Okta organization.

To enable it:

  1. Go to Settings > Account in the Okta Admin Console.
  2. Enable Embedded widget sign-in support.
  3. Return to Create App Integration and repeat the previous steps.

4. Configure Redirect URIs

Sign-in redirect URI
  • Under Sign-in redirect URIs, click “Add URI”
  • Enter: org.pointapp.point:/login

Note: If other URIs are already listed, do not remove them simply add the above URI.

Sign-out redirect URI
  • Under Sign-out redirect URIs, click “Add URI.”
  • Enter: org.pointapp.point:/logout

Note: If other URIs are already listed, leave them and just add this URI.

5. Configure Assignments

Under Assignments and Controlled access:

  • Select “Allow everyone in your organization to access.”
  • Ensure Enable immediate access remains unchecked if you want to assign the app to specific groups or users later.
6. Save the configuration

Click “Save” to complete the setup.

 

Update your Okta Security Settings (Trusted Origins)

Before completing the integration, verify that https://dash.pointapp.org is added as a trusted origin in your Okta security settings. This ensures proper CORS support for POINT.

Steps:

  1. In the Okta Admin, go to the left-hand menu and navigate to:
    Security > API > Trusted Origins
  2. Check if https://dash.pointapp.org is already listed as a trusted origin.
    • If it is listed, no further action is needed.
    • If it is not listed, follow these steps:
  3. Click “Add Origin”
  4. Fill in the fields:
    • Origin Name: POINT Dash
    • Origin URL: https://dash.pointapp.org
    • Choose Type: Select Cross-Origin Resource Sharing (CORS)
  5. Click Save to apply the changes.

✅ This ensures your Single-Page Application can securely communicate with Okta without cross-origin issues.

Update Your Access Policies

To ensure POINT users can authenticate correctly, verify and update your Okta access policies as needed.

Steps:

  1. In the Okta Admin, go to the left-hand menu and navigate to Security > API
  2. Select the Authorization Servers tab.
  3. Locate the custom authorization server you want to update, and click the pencil icon next to it to edit its settings.

 Only administrators with proper permissions can edit authorization server policies.

 

Configure Access Policies for POINT

After opening the Authorization Server for editing:

  1. Click the Access Policies tab.
  2. If no Access Policies exist:
    1. Click Add Policy.

  • Create the policy.
  • After creating the policy, click Add Rule and repeat the steps below.

3. (Skip this step if you are just creating Default Policy Rule) or Locate the policy that applies to your application (e.g., Default Policy Rule) and click the pencil icon in the Actions column to edit it.

4. In the Rule screen:

    • Click Advanced in the IF Grant type is section.

    • Under Other grants, select Interaction Code and Create or Save rule.

Note: If the Interaction Code checkbox does not appear, the Interaction Code grant type is not enabled for your Okta organization.
To enable it:

  1. Go to Settings > Account in the Okta Admin Console.
  2. Enable Embedded widget sign-in support.
  3. Return to the Authorization Server and repeat these steps.

Add Okta to POINT

After setting up the application in Okta, connect it to your POINT organization:

  1. In your POINT Admin Dashboard, navigate to the left-hand menu and click:
    Organization > Integrations
  2. Select Okta from the list of available integrations.
  3. Enter the required information:
    • Client ID – obtained from the Okta app you created (SPA or Native App).
    • Domain – your Okta organization domain.

Note: If you are unsure how to find the Client ID or Domain, see the instructions below.

4. Click Save to enable the integration.

 

Finding your Okta Client ID and Domain (SPA)

To connect POINT to your Okta Single-Page Application, you will need the Client ID and Domain from your Okta app.

Steps to find your Client ID:

  1. Log in to your Okta account and select your organization.
  2. In the top-right corner, click Admin to open the Admin Console.
    Note: You must have administrator access in your organization.
  3. From the left-hand menu, navigate to: Applications > Applications
  4. Click the Active tab to see all active applications.

Add Client ID to POINT

  1. From the Active Applications list, select your SPA application (e.g., “My SPA”).
  2. Open the Client Credentials section.
  3. Locate the Client ID and copy it.
  4. Go to your POINT Admin Dashboard > Organization > Integrations > Okta.
  5. Paste the Client ID into the field “SPA: Okta Client ID.”

Domain

  1. In the same SPA application, go to the Sign On tab.
  2. Click OpenID Connect ID Token and then Edit.
  3. Update the Issuer field with your Okta organization URL.
  4. Click Save.
  5. Copy the URL.
  6. Paste it into POINT under: “SPA: Okta Domain.”


Finding your Okta Client ID and Domain (Native App)

Client ID

  1. Log in to your Okta account and select your organization.
  2. Click Admin in the top-right corner.
  3. Navigate to: Applications > Applications, then select the Active tab.
  4. Select your Native App (e.g., “My Native App”) and open Client Credentials.
  5. Copy the Client ID.
  6. Paste it in POINT under: “Native App: Okta Client ID (Native App).”

Domain

  1. In your Native App, go to the Sign On tab.
  2. Click OpenID Connect ID Token and then Edit.
  3. Change the Issuer field to your Okta URL.
  4. Click Save.
  5. Copy the URL and paste it into POINT under: “Native App: Okta Domain (Native App).”

Delete your Okta Integration

If you need to remove Okta from POINT:

  1. In the POINT Admin Dashboard, go to:
    Organization > Integrations
  2. Select Okta.
  3. Click Delete Integration.

 

Questions? Email us at  support@pointapp.org.