Okta SSO Integration

Overview

This guide explains how to enable Okta OpenID Connect (OIDC) Single Sign-On (SSO) for AlphaSOC.

Supported features:

• IdP-initiated SSO: allows users to log in to the AlphaSOC Console from the Okta End-User Dashboard.
• Just-In-Time (JIT) provisioning: automatically creates a user in your AlphaSOC organization on first Okta login.

note

SSO is available upon request. Contact AlphaSOC to enable Okta SSO.

Configuring Okta Integration with AlphaSOC

Prerequisites

Before proceeding, ensure you have the following:

• An Okta account with administrative privileges for a tenant.
• Access to the AlphaSOC console Owner account.

Step 1: Add AlphaSOC Console Application in Okta

1. Log in to your Okta workspace administrator account.
2. Navigate to Applications > Applications on the left pane and click Browse App Catalog.

3. Search for "AlphaSOC Console" or click here.
4. Click Add Integration.

5. Set the application label (display name) and click Done to add the application to your Okta workspace.

Step 2: Assign Users or Groups to Grant Access to the AlphaSOC Console Application

After adding the application to your Okta workspace:

1. Navigate to the Assignments tab of the AlphaSOC Console application.

2. Click Assign and select who you want to grant access to the AlphaSOC Console through Okta SSO. You can choose to assign individual users or groups.

After you save the configuration, you should be able to see a list of assigned users in the Assignments tab:

Step 3: Configure SSO Settings in AlphaSOC Console

1. Sign in to the AlphaSOC Console with an Owner account.
2. Click the settings icon on the top right corner and navigate to the Authorization tab.

note

If you don’t see the Authorization tab, make sure you are signed in as an Owner.

By default, password authentication is enabled. You can disable it later.

3. Click the edit icon next to the Okta provider to update your credentials.

4. To configure the Okta provider, replace the following values with your:

• Okta Domain (for example: <YOUR_OKTA_DOMAIN>.okta.com)
• Okta Client ID
• Okta Client Secret

To find your Okta Domain, click your name in the top right corner of your Okta workspace. Click the icon to copy the domain.

To find your Okta Client ID and Okta Client Secret, navigate to the Sign On tab of the AlphaSOC Console application in Okta. In the Sign on methods section, locate OpenID Connect.

Copy the Client ID and Client secret and paste them into the respective fields in the AlphaSOC Console.

5. After all fields are populated, click Update to save the Okta configuration.

Your configuration is now complete. When you first sign in to AlphaSOC through SSO with an existing account, you will be prompted to enter your AlphaSOC password.

Logging in with Okta SSO

After you have configured the Okta provider, you can log in to AlphaSOC using Okta SSO.

1. Navigate to your Okta End-User Dashboard and select the AlphaSOC Console application.

2. You will be redirected to the AlphaSOC page. If you have an existing AlphaSOC account and are logging in with Okta for the first time, you will be prompted to enter your AlphaSOC password.

After you verify your password, you will be logged in to the AlphaSOC Console.

Disabling Password Authentication

By default, password authentication is enabled. If you want users to sign in only through Okta SSO, you can disable password authentication.

1. Navigate to the Authorization tab of the AlphaSOC Console settings.
2. Click the Disable password authentication button.

You will be asked to confirm your action.

note

After you disable password authentication, all users in the organization will only be able to sign in with Okta SSO. Ensure Okta SSO is enabled before proceeding.

After you confirm, password authentication will be disabled.