Configure OKTA Authorization Server for SRD API - Intergraph Smart Reference Data - Installation & Upgrade - Hexagon PPM

Intergraph Smart Reference Data Installation (10.1)

Language
English (United States)
Product
Intergraph Smart Reference Data
Search by Category
Installation & Upgrade
Smart Materials/Smart Reference Data Version
10.1

Before you start to configure, it is assumed that an OKTA user account is created and the user is logged into OKTA as an administrator.

The steps for configuring OKTA Authorization Server are listed below:

  1. Create the OKTA Application (client).

  2. Create a user in OKTA.

  3. Create an OKTA Authorization Server (AS) and assign the OKTA Application to it.

  4. Edit the SRD API Web.config and set the Audience and Issuer URI gathered from OKTA.

Create an OKTA Application

OKTA refers the clients as applications. You must grant the application access to an Authorization Server.

  1. Click the Applications tab and select Applications.

  2. Click Add Application.

    Imag1-Applications

  3. Click Create New App.

    Create New App

  4. Select OpenID connect as Sign on method for the Native app.

  5. Click Create.

    Image2-OpenID Connect

  6. Enter the Application label and add the Login and Logout URIs including any local host redirects for dev/test.

  7. Select the Authorization Code check box.

  8. Select the Refresh Token check box.

    Image3-create okta application

  9. Click Add URI and type the Login redirect URI.

    The redirect URl must be in the below format: http://<application_server_name>.<domain_name>/<SRD_Service_Virtual_directory>/TestHTMLAccess.htm

  10. Click Save. The Client ID will be auto-populated.

    Client Creds

  11. Make a note of the Client ID.

Add New Users to OKTA

  1. Click the Dashboard tab and select Dashboard.

    Image1- add new users

  2. Click the Add people hyperlink.

  3. In the People screen, click Add Person.

    Image2- add new users

    SHARED Tip You can also navigate to People screen from the Directory tab.

  4. Enter the required data to create a new user profile.

  5. Click Save.

    Image4- add new users

    The Username can be same as the Primary email.

Assign the application to user

  1. Open OKTA application.

  2. Click the Assignments tab.

  3. Click Assign and select Assign to People.

    Image1-Assign applications

  4. Search for appropriate group /people to assign.

    Image2-assign

  5. Click Assign.