Login
      Contents x
      Okta OIDC
      • 13 Aug 2024
      • 2 Minutes to read
      • Print
      • Dark
        Light
      • PDF
      Contents

      Okta OIDC

      • Updated on 13 Aug 2024
      • 2 Minutes to read
      • Print
      • Dark
        Light
      • PDF
      Article summary

      Step by step guide to configure Okta as an OIDC Identity Provider within Visma

      Follow the steps below to configure  Okta as an OIDC Identity Provider within Visma. Keep Authentication Settings open in your browser while you access Okta in a new window or tab. You will need to return to the Single Sign-On page to complete the configuration steps.

      Prerequisites

      • Okta account

      • All of your users under your account in Visma will need a pre-existing account in Okta with exactly the same email address.

      A. Configure Visma Single Sign-On app with Okta

      1. Sign in into Authentication Settings and go to the Single Sign-On page

      2. Enter your mydomain (i.e. example)

      3. “Add OIDC Identity Provider" choose Okta.

      4. From the Configure URIs in Okta section, copy the generated Redirect URI

      B. Configure the OIDC application in Okta

      Open a new tab/window in your browser and follow these steps:

      1. Sign in to your Okta account

      2. Go to Applications > Applications.

      3. To create an app integration, click Create App Integration.

        AuthSettings_SSO_OIDC_OKta_1

      4. Select OIDC - OpenID Connect as Sign-in method

      5. Under Application type choose the type Web Application and click Next

        AuthSettings_SSO_OIDC_OKta_2

      6. Enter the following details in General Settings and click Next.

        1. App integration name: Visma (or your preferred app integration name)

        2. App Logo (optional): Upload in PNG, JPG, or GIF format. The logo size must be less than 1 MB.

        3. Sign-in redirect URIs: Paste the value copied from step A.4 (from Authentication Setting Configure URIs in Okta section, copy the generated Redirect URI ) i.e https:/example.my.connect.visma.com/oidc/callback

        4. Under Assignments: Select if you’d like to assign all users or only a specified group then click Save

          AuthSettings_SSO_OIDC_Okta_B6

      7. From the Client Credentials section copy your Client ID and check the option to “Require PKCE as additional verification“

        AuthSettings_SSO_OIDC_Okta_B7

      8. Note you will also have to copy the client secret  value from Client secrets, so keep the window open

      C Go back to Authentication Settings to continue the Single Sign-On setup with Okta

       Keep Okta open in another window to be able to copy/paste values from there into Authentication Settings.

      AuthSettings_SSO_OIDC_OKTA_C1

      1. On section 2 Configure OpenID Connect Client enter the Authority value for your OKTA tenant url

      2. Paste on Client ID the value copied at step B.7 from Okta

      3. Paste the Client secret copied at step B.8 from Okta ( Client secrets section in Okta)

      4. Now go to 3.Advanced Configuration you can decide if you wish to Just in time provision users when they sign with Okta into Visma.

      5. Click SAVE

        AuthSettings_SSO_OIDC_EntraID_C6

      D. Test the Single Sign-On with Okta

      To make sure SSO is working,  go to your Visma MyDomain e.g. https://example.my.connect.visma.com directly, and then click the Sign in with Okta button.

      1. AuthSettings_SSO_Okta_Test_Step1

      Was this article helpful?
      What's Next

      © 2024 Visma

      Change password!
      Changing your password will log you out immediately. Use the new password to log back in.
      Change profile
      Success!
      First name must have atleast 2 characters. Numbers and special characters are not allowed.
      Last name must have atleast 1 characters. Numbers and special characters are not allowed.
      Enter a valid email
      Enter a valid password
      Your profile has been successfully updated.
      Logout