Connect Resco Cloud with Okta

Warning: Work in progress! We are in the process of updating the information on this page. Subject to change.

Resco Cloud supports Okta authorization.

Prerequisites

  • To set up Okta authorization, you need Resco Cloud version 15.1 or higher.
  • To use Okta authorization, the app must also be updated to version 15.1 or higher.

Okta configuration

Log in to the Okta admin console as an administrator and set up app integrations for the web app and native apps, and set up an authorization server for Resco Cloud.

Web apps

  1. In the Admin Console, go to Applications > Applications.
  2. Click Create App Integration.
  3. To create an OIDC app integration, select "OIDC - OpenID Connect" as the Sign-in method.
  4. Select Web Application and click Next.
  5. Set up the General Settings:
    • As App integration name, enter a name for your app integration, for example "resco cloud web app".
    • As Grant type, select "Refresh Token".
    • As Sign-in redirect URIs, enter https://<your_server_name>/Authenticate.aspx/ADFS.
    • As Sign-out redirect URIs, enter https://<your_server_name>.

Native apps

  1. In the Admin Console, go to Applications > Applications.
  2. Click Create App Integration.
  3. To create an OIDC app integration, select "OIDC - OpenID Connect" as the Sign-in method.
  4. Select Native Application and click Next.
  5. Set up the General Settings:
    • As App integration name, enter a name for your app integration, for example "resco cloud native apps".
    • As Grant type, select "Refresh Token".
    • As Sign-in redirect URIs, enter https://www.resco.net/oauth.html.

Authorization server

  1. In the Admin Console, go to Security > API.
  2. On the Authorization Servers tab, either modify the default authorization server or click Add Authorization Server to add a new one.
    • As Name, enter a name for the authorization server, for example "resco cloud auth server".
    • As Audience, enter https://resco.net/rescocloud.
  3. Go to the Claims tab and click Add Claim:
    • As Name, enter upn.
    • As Include in token type, select "ID Token" and "Always".
    • As Value type, select "Expression".
    • As Value, enter user.email.
  4. Add another claim:
    • As Name, enter uid.
    • As Include in token type, select "ID Token" and "Always".
    • As Value type, select "Expression".
    • As Value, enter user.id.

Connect Resco Cloud to Okta

Resco Cloud

  1. Sign in to the Resco Cloud management console using a System Administrator user account.
  2. Start the Admin Console.
  3. Select Settings > Organization from the menu to edit the properties of your organization.
  4. In the Identity provider line, click Connect...
  5. Choose Okta.
  6. As Metadata URL, enter the URL of your Okta authorization server (for example, https://{your domain}/oauth2/default).
  7. The read-only Redirect URI is provided for your reference (you need it for the Okta configuration).
  8. Enter the Client ID and Client Secret from the Okta web app configuration.
  9. Enter the Native Client ID from the Okta native app configuration.
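
To confirm that the authorization server really issues the upn and uid claims configured above, you can inspect an ID token from a test sign-in. The following is an added example, not Resco or Okta code; it assumes standard OIDC behaviour (iss equals the URL entered as Metadata URL, aud contains the Client ID), and the helper names and sample values are constructed for illustration.

```python
import base64
import json

REQUIRED_CLAIMS = ("upn", "uid")  # claims added on the Claims tab above


def b64url_decode(segment: str) -> bytes:
    """Decode an unpadded base64url JWT segment."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def check_id_token(token: str, issuer: str, client_id: str) -> list[str]:
    """Return a list of configuration problems found in an ID token.

    Inspection only: the signature is NOT verified, so use this to debug
    the Okta setup, never to authenticate anyone.
    """
    parts = token.split(".")
    if len(parts) != 3:
        return ["not a compact JWT (expected three dot-separated segments)"]
    try:
        claims = json.loads(b64url_decode(parts[1]))
    except ValueError as exc:
        return [f"payload is not valid base64url JSON: {exc}"]
    if not isinstance(claims, dict):
        return ["payload is not a JSON object"]
    problems = []
    if claims.get("iss") != issuer:
        problems.append(f"iss is {claims.get('iss')!r}, expected {issuer!r}")
    aud = claims.get("aud")
    if client_id not in (aud if isinstance(aud, list) else [aud]):
        problems.append(f"aud {aud!r} does not contain client ID {client_id!r}")
    for name in REQUIRED_CLAIMS:
        if not claims.get(name):
            problems.append(f"claim {name!r} is missing or empty")
    return problems


def make_sample_token(claims: dict) -> str:
    """Build an unsigned, constructed token for the demo below."""
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256'})}.{enc(claims)}.constructed-signature"


if __name__ == "__main__":
    issuer = "https://example.okta.com/oauth2/default"  # constructed value
    sample = make_sample_token({"iss": issuer, "aud": "0oaEXAMPLE", "uid": "00uEXAMPLE"})
    for problem in check_id_token(sample, issuer, "0oaEXAMPLE"):
        print("PROBLEM:", problem)  # reports the missing upn claim
```

An empty result means the issuer, audience and both custom claims match the configuration described on this page.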