Create an Okta Oauth2 client

Client creation is handled by the bigfork/silverstripe-oauth-login module. See oauth-login.yml for an example configuration.

Authenticator

The module configures and provides an extension to the OAuth authenticator. This authenticator provides a logout handler.

Turn ON the Member Authenticator

By default, the module resets all authenticators. To enable local user access, add the following environment variable to your project:

ALLOW_MEMBER_AUTHENTICATOR=1

In project configuration:

---
Name: re-enable-local-authenticator
After:
  - '#silverstripe-okta-authenticator'
---
SilverStripe\Core\Injector\Injector:
  SilverStripe\Security\Security:
    properties:
      Authenticators:
        default: '%$SilverStripe\MFA\Authenticator\MemberAuthenticator'

Required configuration values

clientId your Okta clientId for the app in question
clientSecret your Okta clientSecret for the app in question
redirectUri one of the "Sign-in redirect URIs" listed in your application (General Settings)
issuer your Okta URL, in the format https://my-subdomain.okta.com/oauth2 (or oktapreview.com for sandbox work)

See the example project configuration to see how these values are used.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

002_oauth_login.md

002_oauth_login.md

Create an Okta Oauth2 client

Authenticator

Turn ON the Member Authenticator

Required configuration values

Files

002_oauth_login.md

Latest commit

History

002_oauth_login.md

File metadata and controls

Create an Okta Oauth2 client

Authenticator

Turn ON the Member Authenticator

Required configuration values