Home
Getting started
Workspaces
Images
Command line
Setup
Admin
Guides
Admin
Compute resources
Database migration
AWS RDS with IAM credentials
File download disabling
Helm charts
Image tag names
Logging
NFS file mounting
OpenID Connect with Azure AD
OpenID Connect with Active Directory Federation Services (ADFS)
OpenID Connect with Google
OpenID Connect with Okta
Shared security responsibility
Storage
Usage monitoring
Workspace provider provisioning via CLI
Customization
Deployment
TLS certificates
Mobile development
Public API
Troubleshooting
Workspace organization
Moving to Coder v2
Sunsetting Coder v1 and v2 Migration FAQ
Changelog
Home
/
Guides
/
Admin
/
OpenID Connect with Okta

OpenID Connect with Okta

This article walks you through setting up single sign-on to Coder using Okta.

Configuring Coder's OpenID Connect feature requires you to provide three pieces of information from Okta:

  • Client ID
  • Client Secret
  • Issuer

This guide will show you how to set up an app on Okta and obtain the information you need to provide to Coder.

Step 1: Register your app with Okta

  1. Log in to your Okta org (<my-company>.okta.com) as an admin.

  2. From the admin dashboard, go to Applications and select the Applications sub-menu.

  3. Click Add Application.

    Okta Applications

  4. Click Create New App.

    Okta Add Application

  5. Select OpenID Connect and click Create

    Okta Create Application Modal

  6. Provide an Application name (i.e., Coder), (optionally) add a logo, and add the Login redirect URIs for Coder (it will be formatted similarly to https://coder.my-company.com/oidc/callback).

    Okta Create OpenID Application

  7. Click Save to proceed.

When Okta has created your app, you'll be redirected to the General tab, which displays your app information.

Step 2: Gather your Okta app information

Once you've saved your app, you can obtain your:

  • Client ID
  • Client Secret
  • Issuer

Client ID and Client Secret

On your application's General tab, look for the Client Credentials section, which includes the Client secret.

Client ID and Secret

Issuer

On your app's Overview page, click the Sign On tab. Find the OpenID Connect ID Token section, and copy the Issuer.

Issuer

Step 3: Assign People and Groups to Coder

On your app's Overview page, click the Assignments tab. Under Assign, you can choose to Assign to People or Assign to Group to provide users and groups access to Coder.

Assignments

Step 4: Configure Coder authentication

Once you've saved your Okta values, you can complete the remaining steps using the Coder UI.

  1. Log in to Coder, and go to Manage > Admin > Authentication.
  2. In the top-most drop-down box, select OpenID Connect.
  3. Provide the requested values for Client ID, Client Secret, and Issuer. Optionally, you can specify Additional Scopes.

When done, click Save Preferences.

At this point, Coder validates your configuration before proceeding. If successful, Coder will send OIDC login attempts to Okta.

See an opportunity to improve our docs? Make an edit.
On this page