< All Topics

Configuring Okta with OpenID

Okta is one of the available IDPs to use with Single Sign-On (SSO) in your Hosted~FTP~ account, allowing you to authenticate securely from any device with your SSO credential. This feature is available on our Enterprise T2+ and above accounts.

Redirect URIs

Required redirect URIs to register in your Okta portal

Server location Sign-in redirect URI
Virginia US1 Https://us1.hostedftp.com/openidconnect
Virginia US2 Https://us2.hostedftp.com/openidconnect
California Https://us3.hostedftp.com/openidconnect
Oregon Https://us4.hostedftp.com/openidconnect
Ireland Https://ie1.hostedftp.com/openidconnect
Frankfurt Https://de1.hostedftp.com/openidconnect
Australia Https://au1.hostedftp.com/openidconnect
Korea Https://kr1.hostedftp.com/openidconnect
Japan Https://jp1.hostedftp.com/openidconnect
India Https://in1.hostedftp.com/openidconnect

 

How to Setup Okta

Please refer to Okta’s article here for detailed instructions.

Step Instructions
1 Sign in to Okta organization
2 Go to Applications > Applications
3 Click “Create App Integration”
4 Select “OIDC – OpenID Connect” as the Sign-in method
5 Select “Web Application” as the Application type
6 Enter App integration name: “HostedFTP Webapp”
7 Grant Type: Authorization Code
8 Sign-in redirect URLs (Add 2 URIs from the table above)
9 Sign-out redirect URLs: empty
10 Assignments: Set as desired based on which users or groups need to perform single sign on to the Hosted FTP sites
11 Okta API Scopes: None required
12 Once the Okta application has been created successfully, you will need to keep the following pieces of information to copy and paste into the Hosted~FTP~ configuration:

  • Client ID
  • Client Secret
  • Okta Domain

 

Configuring Okta in Hosted~FTP~

Once you have followed all of the steps above, you can continue to the Hosted~FTP~ interface as the account admin to setup Okta SSO.

1. Go to your Setup tab and click on the SSO page and click on the Add button

2. Fill out the fields including the information you retained when creating your Okta application and click on Save when completed

Name The label of the SSO to be recognized when enforcing on an account/group/user level
Provider Select Okta
Domain The domain used to connect to your Okta server
Client ID The client ID found in the provider’s Okta settings
Client Secret The client secret in the provider’s Okta settings
Extra Parameters Extra parameters to add to the SSO (contact our support team to assist in setup)
Active Defaulted to be on active, un-checking this option will turn off the SSO

 

Enabling SSO for Users

Once your SSO is configured, you will need to enable your user logins to use SSO on an entire account, group of users, or individual user level. Please refer to this article on how to enable SSO for user logins.

Table of Contents