Skip to main content
All CollectionsIntegrations
Integrating with Okta
Integrating with Okta

How to set up your Okta integration with candidate.fyi

Updated over 7 months ago

This document guides IT administrators through setting up Candidate.fyi, a web application, with Okta using OpenID Connect (OIDC). OIDC extends OAuth 2.0 to include an ID token for verifying user identities, making it optimal for Single Sign-On (SSO) for cloud and mobile applications.

Prerequisites

  • An active Okta administrator account.

  • Administrative access to Candidate.fyi.

Familiarity with OAuth 2.0 and OIDC principles.

Install from OIN

Integration Steps

Step 1: Register a New Application in Okta

  1. Access Okta Admin Dashboard: Log in to your Okta Admin account.

  2. Brows App Catalog: Search for candidate.fyi and add integration.

  3. Fill out the Integration Form:

    1. Leave the application label as candidate.fyi

    2. Enter your Okta domain (

      1. If your domain is https://[yourdomain.okta.com] your Okta domain would be yourdomain.okta.com

Step 3: Configure Candidate.fyi with OIDC

  1. Log into Candidate.fyi: Log into candidate.fyi at https://app.candidate.fyi

  2. Navigate to Okta Integration settings: Locate the section for Okta integration.

  3. Enter OIDC Details:

    1. This information can be found under Sign On tab in the new candidate.fyi application in Okta

    2. Client ID: Enter the Client ID from Okta.

    3. Client Secret: Enter the Client Secret from Okta.

    4. Client Domain: This is the URL of your Okta domain, typically in the format https://[yourdomain.okta.com]. <- We need the [yourdomain.okta.com]

Step 4: Assign Users and Groups in Okta

  1. Go back to your Okta Admin Dashboard.

  2. Under the Assignments tab of your Candidate.fyi application, click Assign to either individuals or groups as needed.

  3. Ensure all intended users have access to Candidate.fyi through Okta.

Supported Features

SP-Initiated SSO

Service Provider-initiated Single Sign-On (SP-initiated SSO) allows users to access candidate.fyi by navigating directly to its URL. After successful authentication, users are redirected back to Candidate.fyi with appropriate authentication tokens.

  • Initiation Link: Users should start at https://app.candidate.fyi and select "Log in with Okta".

  • The user will then need to enter their email address and will be redirected to Okta for login if they are not already authenticated.

IdP-Initiated SSO

Identity Provider-initiated Single Sign-On (IdP-initiated SSO) allows users to start their session from the Okta dashboard. In this flow, users log into Okta first and then select the Candidate.fyi application icon from their Okta dashboard, which then logs them into Candidate.fyi automatically without needing to enter additional credentials.

  • Access Path: Users log in via their Okta dashboard by clicking the Candidate.fyi application icon, which directly initiates the session for Candidate.fyi.


โ€‹

Did this answer your question?