Create A New App In Okta
The first step is to create a new Okta App for Loft.
Next select "Web" App and make sure OpenID Connect is the single sign on method.
In the next screen make sure the login redirect URIs contain your Loft instance domain:
Enable Refresh Tokens
After creating an Okta app for Loft, ensure that "Refresh Token" is checked under "Allowed grant types" - otherwise your users will have to re-login everytime after a session expires.STEP 3
Enable Group Claims
If you want to propagate the users groups to Loft, then make sure the Group Filters in Okta are set accordingly. If you want to propagate all groups, add a RegEx filter with '.*'STEP 4
Configure Loft To Use Okta
After configuring Okta for Loft, navigate to
Admin > Config in Loft and enter the following configuration:
Add Users via Okta Assigments
Please make also sure that you have assigned the correct Users and Groups that you would like to access Loft in Okta.
After users or their groups are assigned to Loft, they will be able to log in via Okta:STEP 6
Disable Username + Password Authentication (optional)
To disable password-based authentication, navigate to
Admin > Config add these two lines to your config: