Okta Workforce Identity Provider

1. Set Up App Integration in Okta

1.1. Prerequisites

  1. Log in to your Turbomechanica account with the user email provided by Mechademy.

  2. On the Turbomechanica dashboard, click the Settings icon in the left panel, go to Integrations, click the info icon in the top right corner, and select Okta Workforce as the integration type.

  3. Note the identity provider Sign-in Redirect URI; it is used in later steps to create the app integration.

1.2. Create App Integration

  1. Log in to the Okta Developer Console and go to the Okta Admin Dashboard.

  2. Go to Applications > Applications > Create App Integration and choose OIDC - OpenID Connect from the options.

  3. Choose the type Web Application and then click Next.

  4. Provide the necessary settings information for your integration. (See Application Integration Wizard OIDC field reference for descriptions of individual fields.)

  • Configure the following settings:

| Setting | Description | Example |
| --- | --- | --- |
| Sign-in Redirect URIs | To obtain the value, follow the instructions in section 1.1 Prerequisites above. | https://{yourAuthDomain}/login/callback |

  5. In the Assignments section, select Skip group assignment for now and click Save.

  6. After you create your OIDC app integration, the client credentials and client secret appear on the General tab.

  7. Note the identity provider Client ID and Client Secret.

  8. Click Finish. Your integration is now created in your Okta account.

2. Set Up Okta Workforce Integration in Turbomechanica

  1. Log in to your Turbomechanica account with the user email provided by Mechademy.

  2. On the Turbomechanica dashboard, click the Settings icon in the left panel, go to Integrations, and click Add Integration in the top right corner.

  3. Follow the steps and provide the following mandatory configuration settings for this connection:

| Field | Description |
| --- | --- |
| Okta Domain | Okta's domain name for your organization. (Example: https://{your-okta-domain.com}) |
| Client ID | To obtain the value, follow the instructions in section 1.2 Create App Integration above. |
| Client Secret | To obtain the value, follow the instructions in section 1.2 Create App Integration above. |
| Domain Aliases | The domain your company uses in email addresses. Each user's email domain is compared to this value; if it matches, the user is redirected to the identity provider. |

  4. Click Save. Your integration is now complete. Well done!

3. Test the Integration

  1. To test the user login process, create a test user in your Okta account with your company's email domain (the email domain must match the value added in Domain Aliases in the section above).
  • Log in to the Okta Developer Console and go to the Okta Admin Dashboard.
  • Go to Directory > People.
  • Click the Add Person button.
  • Fill in the user details.
  • Activate the user.

  2. Assign the test user permission to access the newly created app.

  3. Go to your Turbomechanica domain. This time, log in with the Okta credentials of the test user; you should be redirected to the Okta SSO page for login.

Note: If redirection does not work, check that the domain of your email address matches the Domain Aliases value added in the previous steps.
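A pre-flight check for the values entered in sections 1.2 and 2 and for the redirection issue in the note above, as an added example that is not Turbomechanica or Okta code. The setting keys, the sample values and the matching rule (exact, case-insensitive comparison of the part after "@") are assumptions; the page only says the email domain is compared to Domain Aliases.

```python
from urllib.parse import urlsplit

def email_domain(email):
    """Lower-cased domain part of an address, or None if it is malformed."""
    local, sep, domain = email.strip().rpartition("@")
    return domain.lower() if sep and local and domain else None

def routes_to_idp(email, aliases):
    """Assumed rule: exact, case-insensitive match against a Domain Alias."""
    domain = email_domain(email)
    return domain is not None and domain in {a.strip().lower() for a in aliases}

def url_problems(field, url, allow_path):
    """Checks for the Okta Domain and Sign-in Redirect URI values."""
    found = []
    if "{" in url or "}" in url:
        found.append(f"{field}: template placeholder was not replaced")
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.hostname:
        found.append(f"{field}: must be an https URL with a host")
    if not allow_path and parts.path not in ("", "/"):
        found.append(f"{field}: expected the bare domain, without a path")
    return found

def alias_problems(aliases):
    """Entries that can never equal the domain part of an email address."""
    found = []
    for raw in aliases:
        alias = raw.strip()
        if "@" in alias:
            found.append(f"Domain Aliases {raw!r}: enter the domain only, no '@'")
        elif "/" in alias or "*" in alias or "." not in alias:
            found.append(f"Domain Aliases {raw!r}: not a plain domain name")
    return found

def preflight(settings, test_email):
    """All problems found in a settings dict (hypothetical keys), as strings."""
    found = url_problems("Okta Domain", settings["okta_domain"], allow_path=False)
    found += url_problems("Sign-in Redirect URI", settings["redirect_uri"], allow_path=True)
    found += alias_problems(settings["domain_aliases"])
    if not routes_to_idp(test_email, settings["domain_aliases"]):
        found.append(f"{test_email}: domain matches no Domain Alias, no redirect to Okta")
    return found

# Constructed sample values (not real tenants).
SAMPLE = {"okta_domain": "https://dev-000000.okta.example",
          "redirect_uri": "https://auth.example.com/login/callback",
          "domain_aliases": ["example.com"]}
print(preflight(SAMPLE, "test.user@example.com") or "no problems found")
```

Under the assumed exact-match rule, a test user at a subdomain such as mail.example.com is not redirected unless that subdomain is listed as its own alias.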

4. Assign Users to App

  1. Log in to the Okta Developer Console and go to the Okta Admin Dashboard.

  2. Go to Applications > Applications and click Assign Users to App.

  3. Select the app created in the above steps and assign it to people or groups.

  4. Click Next and Confirm Assignments.

IdP-initiated SSO

Reference: Configure Okta Workforce