This page is out of date/deprecated and is under construction. Check back soon for updated instructions on using OIDC.
For more detailed integration steps, see Keycloak with Okta OpenID Connect Provider.
Follow these steps to integrate Okta using OIDC:
  1. Ensure you have completed the steps in Simple login flow.
  2. Start creating th eOIDC Identity Provider integration in the Keycloak.
  3. In Okta, create a new OpenID connect application integration and use PUBLIC (make sure it’s not a localhost) redirect uri as a login URL in Okta form.
  4. Copy the Client ID and Client Secret from Okta into the Keycloak’s configuration.
  5. Under Client Authentication, select Client Secret Sent as POST.
  6. By default, use https://{OKTA-DOMAIN}/oauth2/default/v1/authorize and https://{OKTA-DOMAIN}/oauth2/default/v1/token as authorization and token endpoints, respectively.
  7. Set openid profile email as default scopes.