How to create an Okta application for Swimm
To authorize Okta SSO for your organization, we will need you to create an SSO application on your Okta instance. Follow these steps:
Create Okta App
- Create App Integration: Navigate to the "Applications" menu within the Okta Admin Panel and click "Create App Integration."
- OpenID Connect: Select OIDC - OpenID Connect.
- Application Type: Select Single-Page Application and click Next.
- App Integration Name: Type Swimm for the App integration name, and add the Swimm logo. Then select these grant types for the client to act on behalf of the user:
  - Authorization Code
  - Refresh Token
- Redirect URI:
  1. Set the sign-in redirect URI to https://app.swimm.io/setOktaToken
  2. Set the sign-out redirect URI to https://app.swimm.io/ssologout
- Trusted Sources: Add https://app.swimm.io as a trusted source. Assign the developers who should have access to the app, and authorize them before requiring SSO login to avoid account lockouts. Click Save.
- Info for Swimm: Swimm will need the Client ID and the Okta URL (top right, under your email address).
Next, we'll need to add some permissions to the app. Please navigate to Okta API Scopes and follow the steps below:
App Permissions
- API Scopes: Grant the following permissions:
  - okta.myAccount.email.read
  - okta.myAccount.phone.read
  - okta.myAccount.profile.read
- API Security: Navigate to Security -> API.
- Trusted Origins: Click on Trusted Origins -> Add Origin.
- Swimm as Origin:
  1. Fill in Swimm as the Origin Name.
  2. Fill in https://app.swimm.io as the Origin URL.
  3. Select Cross-Origin Resource Sharing.
Final Step: Send information to Swimm:
1. Client ID
2. Okta URL
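Before sending these values, the settings from the steps above can be checked against an export of your Okta configuration. The script below is an added example, not code from Swimm or Okta; it assumes the app, scope-grant and trusted-origin records use the field names of Okta's API JSON (confirm against your own export), and the sample records are constructed.

```python
# Added example: audit exported Okta settings against the values in this guide.
# Assumption: field names match Okta's Apps, Grants and Trusted Origins API JSON.
EXPECTED = {
    "application_type": "browser",  # Okta's value for a Single-Page Application
    "grant_types": {"authorization_code", "refresh_token"},
    "redirect_uris": {"https://app.swimm.io/setOktaToken"},
    "post_logout_redirect_uris": {"https://app.swimm.io/ssologout"},
}
EXPECTED_SCOPES = {f"okta.myAccount.{x}.read" for x in ("email", "phone", "profile")}
SWIMM_ORIGIN = "https://app.swimm.io"


def audit(app, grants, trusted_origins):
    """Return a list of findings; an empty list means the config matches this guide."""
    findings = []
    client = app.get("settings", {}).get("oauthClient", {})
    if client.get("application_type") != EXPECTED["application_type"]:
        findings.append(f"application_type is {client.get('application_type')!r}")
    for key in ("grant_types", "redirect_uris", "post_logout_redirect_uris"):
        actual = set(client.get(key, []))
        for missing in sorted(EXPECTED[key] - actual):
            findings.append(f"{key}: missing {missing}")
        for extra in sorted(actual - EXPECTED[key]):  # e.g. implicit grant, wildcard URI
            findings.append(f"{key}: unexpected {extra}")
    granted = {g.get("scopeId") for g in grants}
    for missing in sorted(EXPECTED_SCOPES - granted):
        findings.append(f"scope not granted: {missing}")
    for extra in sorted(granted - EXPECTED_SCOPES):
        findings.append(f"scope beyond this guide: {extra}")
    # The origin must carry the CORS scope, not only a redirect scope.
    cors = [o for o in trusted_origins if o.get("origin") == SWIMM_ORIGIN
            and any(s.get("type") == "CORS" for s in o.get("scopes", []))]
    if not cors:
        findings.append(f"no CORS trusted origin for {SWIMM_ORIGIN}")
    return findings


# Constructed sample: extra implicit grant, wildcard redirect, origin without CORS.
SAMPLE_APP = {"settings": {"oauthClient": {
    "application_type": "browser",
    "grant_types": ["authorization_code", "refresh_token", "implicit"],
    "redirect_uris": ["https://app.swimm.io/setOktaToken", "https://*.example.com/cb"],
    "post_logout_redirect_uris": ["https://app.swimm.io/ssologout"],
}}}
SAMPLE_GRANTS = [{"scopeId": s} for s in sorted(EXPECTED_SCOPES)]
SAMPLE_ORIGINS = [{"name": "Swimm", "origin": SWIMM_ORIGIN, "scopes": [{"type": "REDIRECT"}]}]

if __name__ == "__main__":
    for finding in audit(SAMPLE_APP, SAMPLE_GRANTS, SAMPLE_ORIGINS):
        print("FINDING:", finding)
```

An empty result means the exported settings contain exactly the grant types, redirect URIs, scopes and CORS origin listed in this guide and nothing broader.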
Additional Information
- Please let us know what domain your employees use because we don't have automatic provisioning.
- If you have a setup that requires users to re-authenticate every X hours / days, please let us know as well.