Okta SSO

Okta SSO will allow users to sign in to the 1Risk Platform using your corporate Okta Identity Provider.  

Pros:

• Security policy for access control is implemented centrally in Okta
• User access is granted and terminated in Okta
• User only login to Okta

Cons:

• If Okta is unavailable, user may not be able to login
• Okta authentication and configuration changes may impact user's login to 1Risk
• User will need to get support from Okta team for access

See video for setup (4 mins). 

To setup Okta SSO in 1Risk, do the following:

1. Login to Okta console as the Administrator

2. Click on Applications > Applications in the left menu

3. Click on Create App Integration

4. Under Sign-in Method, select OIDC-OpenID Connect

5. Under Application type, select Web Application, click Next

6. Under App Integration name, insert 1Risk Platform

7. Upload the C1Risk logo (optional). 

8. Under Grant type, check Refresh Token and Implicit (hybrid). Note: failure to do this will result in a error. 

9. Under Sign-in redirect URIs and Sign-out redirect URI, insert the link from your Account Setting page. The URL looks like this:  https://appdev.1risk.io/signin/<insert account number>

10. Under Assignments > Controlled access > you must select at least one option. The option will determine how users are added to the Assignment subtab for the 1Risk Platform. Click Save when done. 

11. Once you're done with the setup, make sure the users are in the assignment subtab. 

12. Next login to the 1Risk Platform and go to to Administration > Okta SSO and click Setup

13. Insert the Okta Client ID and Okta Domain into the system and click Save. The system will validate the connection to proceed. 

To get the client id and domain info, you can get this from the Okta page below after you setup the app from step 1-10.

PS: For the Domain, please remove the "-admin" part from the URL.