Set Up Okta as Identity Provider on MuleSoft Anypoint Platform

MuleSoft Anypoint Platform can be configured for Single Sign-On (SSO) using Okta, OpenAM, or PingFederate. SSO is useful to authenticate and access multiple applications/websites by logging in only once. Identity Management can be configured using one of the below SSO standards:

  1. OpenID Connect
  2. SAML 2.0

Configuring Okta

  • Create an account on Okta if you do not have one already.
  • Once you log in, create a new application by clicking on the Application menu tab.

  • Select Web on the next screen and click next.

  • On the next screen, we have to provide details like application name, redirect URI etc.

Provide Details in Web Application Form

Give a name to your application. Provide https://anypoint.mulesoft.com against Base URIs or leave it blank. The Login Redirect URI has the following format: https://anypoint.mulesoft.com/accounts/login/{{domain}}/redirect

Note: {{domain}} is organization-specific; to retrieve it, log in to Anypoint Platform -> Access Management -> Organization, click on the organization name, and copy the Organization Domain.

  • Finish the process and take note of the client ID and secret displayed at the bottom of the next page.

Take note of Client ID and Client secret

  • From the top menu bar, go to API -> Authorization Servers

API Authorization Servers

  • Click on default.
  • Clicking on Metadata URI opens a new tab with a JSON payload listing the authorization and token endpoints, which will be used in the platform to set up the Identity Provider.

Settings for Metadata URI
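The two values gathered so far can be checked before they are pasted into Anypoint Platform. The following is an added example, not part of the original article: it builds the Login Redirect URI from an organization domain and reads the authorization and token endpoints out of the metadata JSON, rejecting any endpoint that is not HTTPS or not on the issuer's host. The function names, the `example.okta.com` sample metadata and the allowed character set for the organization domain are assumptions.

```python
import json
import re
from urllib.parse import urlsplit

ANYPOINT_BASE = "https://anypoint.mulesoft.com"

# Constructed sample of the JSON behind the Metadata URI;
# "example.okta.com" is a placeholder Okta org, not a real tenant.
SAMPLE_METADATA = json.dumps({
    "issuer": "https://example.okta.com/oauth2/default",
    "authorization_endpoint": "https://example.okta.com/oauth2/default/v1/authorize",
    "token_endpoint": "https://example.okta.com/oauth2/default/v1/token",
})


def login_redirect_uri(domain):
    """Build the Login Redirect URI for an Anypoint organization domain."""
    # Assumption: the domain is one path segment of letters, digits and hyphens.
    if not re.fullmatch(r"[A-Za-z0-9-]+", domain):
        raise ValueError(f"unexpected organization domain: {domain!r}")
    return f"{ANYPOINT_BASE}/accounts/login/{domain}/redirect"


def idp_endpoints(metadata_text):
    """Return issuer, authorization and token endpoints after sanity checks."""
    meta = json.loads(metadata_text)
    issuer = urlsplit(meta["issuer"])
    if issuer.scheme != "https":
        raise ValueError(f"issuer is not HTTPS: {meta['issuer']}")
    result = {"issuer": meta["issuer"]}
    for key in ("authorization_endpoint", "token_endpoint"):
        url = urlsplit(meta[key])  # KeyError here means the field is missing
        if url.scheme != "https":
            raise ValueError(f"{key} is not HTTPS: {meta[key]}")
        if url.netloc != issuer.netloc:
            raise ValueError(f"{key} host differs from issuer: {meta[key]}")
        result[key] = meta[key]
    return result


if __name__ == "__main__":
    print(login_redirect_uri("my-org"))  # "my-org" is a constructed domain
    for name, value in idp_endpoints(SAMPLE_METADATA).items():
        print(f"{name}: {value}")
```

To check a real tenant, save the JSON from the Metadata URI tab to a file and pass its contents to `idp_endpoints`.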

Configuring MuleSoft Anypoint Platform

  • Log in to the platform, and navigate to Access Management > Identity Provider

Identity Provider

  • On the next screen, click on Use manual registration and enter the Okta application’s client ID and secret.

Okta application’s client Id and secret.

To Test the Setup

Once the MuleSoft Anypoint Platform and Okta setup are done, we can test the SSO functionality by browsing to the URL https://anypoint.mulesoft.com/accounts/login/{{domain}}, which redirects to the Okta login page instead of the Anypoint Platform one.

Adding a User

New users can be added to the Anypoint platform from Okta instead of inviting them from Access Management.

  • To add a new user, log in to your Okta account and navigate to Users -> People -> Add Person

Add user

Provide the required details. The added user can navigate to the login URL and sign in.

This UrIoTNews article is syndicated from DZone.