OpenID Connect (OIDC) is a modern authentication protocol that offers a streamlined and secure Single Sign On (SSO) experience. Okta's integration with Mapiq using OIDC ensures seamless access for users. This article provides a comprehensive guide on setting up this integration.
You'll learn about the requirements, supported features, configuration steps, and claims associated with Okta's OIDC integration with Mapiq.
Supported Features
The Okta Mapiq SSO integration supports:
SP-Initiated SSO
JIT (Just-In-Time Provisioning)
For a deeper understanding of thee features, refer to the Okta Glossary.
Configuration Steps
Note: Before you can start configuring SSO through Okta, make sure you have the necessary permissions in your Okta organization to install and configure applications.
Install the Okta Mapiq integration through the Okta Integration Network (OIN).
In the application, navigate to Sign On > Sign on methods and select "OpenID Connect".
Under Sign On > Sign on methods > OpenID Connect, locate the Client ID and Client Secret.
Contact Mapiq support or your designated Mapiq contact person and request SSO activation for Okta with OIDC. Provide the previously copied Client ID, Client Secret, your Okta domain/issuer, and the email domains used by your users.
After receiving confirmation, you can start assigning users to the application.
Your users can now access Mapiq using Okta SSO. ๐
Note: Mapiq doesn't offer a backup sign-in URL for Okta SAML integration misconfigurations. If you're locked out due to a configuration error, please contact Mapiq Support.
Claims Configuration
The Okta Mapiq integration for OIDC currently supports only the standard OIDC claims:
given_name
family_name
name
email
โ ๏ธ It doesn't support the extended optional claims available in Mapiq. If you wish to use the extended claim set with Okta โ OIDC, create an App Integration in Okta with a custom authorization server. Then, follow the Generic OIDC SSO configuration to connect this to Mapiq.
SP-Initiated SSO
Visit https://app.mapiq.com.
Click "Sign in".
Enter your company email address.
Authenticate using your Okta credentials.
๐ฌ Need More Help?
If youโd like extra assistance, reach out via the Messenger (question mark in the corner) and chat with our support team, or email us at [email protected].
Weโre always ready to help! ๐