Okta configuration

Modified on Tue, 05 Sep 2023 at 02:13 PM

In Mail & Deploy Management Console

Create a new Identity Provider


NAME: M&D internal's name for the Identity Provider

DOMAIN: Your Okta domain (without HTTS://)

ISSUER: Your Okta issuer

CLIENT ID: We'll get this later

CLIENT SECRET: We'll get this later

CUSTOM SCOPES: groups (lowercase, just like the screenshot)

CALLBACK URL:  includes PORT if necessary, for example https://TITAN:14998/AuthenticationCallback/OpenIdConnect/Okta


USER ID: leave as it is



GROUPS: groups

(all lowercase, as shown in the screenshot)


IDP GROUP NAME: choose a name, in the example our group is MND_Admins and the users will be Administrators in M&D

In your Okta environment

Create an Application

with the following properties set

method: OIDC - OpenID Connect

Application type: Web Application

Press Next

App Integration name: Choose a name for the Application

Grant type:  Implicit (hybrid)

Sign-in redirect URIs:  in M&D Settings -> INDENTITY PROVIDERS -> OpenID Connect -> GENERAL -> CALLBACK URL 

(the one that was noted before)

Controlled access: depends on your organization

Press save.

Application -> General

Fill in CLIENT ID and CLIENT SECRET in M&D OpenID Connect Identity Provider properties 


In this example we are creating a group that is called MND_Admins

Applications -> Applications -> Sign On

Groups claim type: Filter

Groups claim filter: groups     Matches regex     .*

Press save

Security -> API

Authorization Servers -> edit default

Add Scope


Name: groups

Include in token type ID Token   Userinfo / id_token request

Value type: Groups

Include in: The following scopes: groups

Press save

Token Preview 

Test the configuration

The Preview should show the group that you created beforehand as well as all the information of the user.

In Mail & Deploy Management Console

In this example the URL to access the Management Console using Okta is:


Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article