Okta SSO Setup (Connect Users)

If your organization already has an Okta account, we can integrate it with the InsCipher Connect portal for a faster and more secure login experience for your users.

Setup Requirements:

In order to connect your Okta account with the InsCipher Connect portal for a streamlined SSO login experience, you will need to follow the step below. As there is a cost to support this integration, we ask clients interested in implementing this functionality to contribute to the cost. Please contact your InsCipher implementation specialist should you have questions.

Method and Type:

We utilize an OAuth 2.0 authentication method and a Web Application type for this integration.

Getting Started:

To get started, an Okta admin must sign in to the Okta Admin Console. To access the settings page, go to Applications > Applications

In the main panel, click create a new app integration and follow the setup process, selecting OIDC - OpenID Connect method and Web Application type. You will need to associate applicable users to this new application.

Callback or Sign-in Redirect URI:

After creating a new app, please add this sign-in redirect URI

https://surpluslines.inscipher.com/sso/connect/check/okta

Required Parameters:

The following information will need to be securely sent to the InsCipher implementation team in order to connect your OKTA SSO account:

  • Client ID: 
  • Client Secret:
  • Issuer URL:

Where to get this information?

Go to your OKTA settings

Note: Issuer URL needs to add oauth2 e.g. https://dev-74470422.okta.com/oauth2

Once Activated

After the OKTA SSO integration is enabled, your users will no longer be able to log in using their legacy usernames/passwords. If users try to edit their passwords, they will see a message like this:

Therefore, should you wish to implement this with your organization, it will be important that users are aware of this change. 

Once enabled, the process is pretty straightforward. On the main login screen, https://surpluslines.inscipher.com, would just click the “OKTA” button, add their company email, then they would be directed (the first time) to add their Okta password. After that, our system would drop a cookie so that future logins will only require them to add their email. 

Ongoing Maintenance

Should any of the credentials provided to InsCipher be changed, these would need to be updated in the portal. This can be done by either contacting support or by going to Setup > User List & Settings > and clicking on the "AUTHENTICATION PROVIDERS SETUP" button on the top right of the page: