Okta and OpenID Connect

This document covers step two of the Single sign-on (SSO) setup process, and shouldn't be completed independently.

1. Log in to Okta, and click Applications in the left menu, then select Applications again from the expanded menu.

   

2. Click the Create App Integration button at the top.

   

3. Select the OIDC - OpenID Connect radio button as the sign-in method.

   

4. Select the Web Application radio button, and click Next.

   

5. Enter a name for the application, such as Matillion.

   

   Note

   There are optional steps at the end of this document if you wish to add an icon for users. The icon for the application itself must always be hidden, as using it will attempt an IdP Initiated connection which we do not allow for security reasons.

6. Enter https://id.matillion.com/login/callback in the Sign-in redirect URIs field.

   

7. Scroll to the bottom, assign access to the users or groups you want to be able to use the application, and click Next.

   

8. Click the button to copy the Client ID, and make a note of it for later.

   

9. Click the button to copy the Secret, and make a note of it for later.

   

   Note

   Contact us to arrange for the secret to be rotated before the existing one expires to avoid minimal interruption to your users.

10. Determine your OpenID Connect Well-Known URL, which is usually https://<OKTA_DOMAIN>/.well-known/openid-configuration, and make a note of it for later.

11. Continue the steps in Single sign-on (SSO) setup.

    Note

    Optional: Follow the steps in configure an Okta application icon so users can access Matillion from their Okta dashboard. If you don't need an application icon, skip this section and continue with Single sign-on (SSO) setup.

    ---

Configure an Okta application icon (optional)

1. Click Applications.

   

2. Click Browse App Catalog.

   

3. Enter bookmark in the search field, and click Bookmark App.

   

4. Click Add Integration.

   

5. Enter an Application label and the URL https://app.matillion.com.

   

6. Select the bookmark from the list of applications, which will be shown with a star icon.

   

7. Click on the icon.

   

8. Upload an icon for the application, such as matillion.png. Note from Jay: can we make this a link to the attached matillion logo without showing the actual image in the doc?

   

9. Continue the steps in Single sign-on (SSO) setup.

Got feedback or spotted something we can improve?

We'd love to hear from you. Join the conversation in the Documentation forum!