Prerequisites
In order to enable the Okta integration, you need to have an active Enterprise plan with Layer. If you haven't already done so, please go to your workspace plan settings and subscribe to an Enterprise plan.
Supported Features
Layer's Okta integration supports the following features:
SP-initiated SSO (Single Sign-On)
IdP-initiated SSO (through Third-party Initiated Login)
Just-In-Time provisioning
For more information on the listed features, visit the Okta Glossary.
Configuration Steps
In Okta, Go to Applications → Create App Integration.
Choose OIDC as the Sign-in method. Choose Web Application as your Application Type. Click Next.
Enter "https://auth.app.layer.ai/login/callback" into the Sign-in redirect URIs.
Enter "https://app.layer.ai" into the Sign-out redirect URIs.
If you'd like to be able to initiate login from Okta:
Choose "Either Okta or App" for Login initiated by
Set Application visibility checkboxes as needed
Choose "Redirect to app to initiate login" for Login flow
Enter "https://app.layer.ai/login" into the Initiate login URI
Click Create.
Assign the users or groups that should be able to log into Layer.
Note the Client ID and Client Secret.
Contact [email protected] with the following information:
Okta Domain (looks like acme.okta.com)
Client ID
Client Secret