MuleSoft Technical Guides

Setup Okta as Identity provider on MuleSoft Anypoint Platform

User MuleSoft Integration Team
Calendar February 26, 2021

MuleSoft Anypoint Platform can be configured for Single Sign-On (SSO) using Okta, OpenAM or PingFederate. SSO is useful to authenticate and access multiple applications/websites by logging in only once. Identity Management can be configured using one of the below SSO standards:

  1. OpenID Connect
  2. SAML 2.0

Configuring Okta

1. Create an account on Okta if you do not have one already.

2. Once you log in, create a new application by clicking on the Application menu tab.

okta-idp-create-application-add

Select Web on the next screen and click next.

3. On the next screen, we have to provide details like application name, redirect URI etc.

 

okta-idp-create-application-form

Give a name to your application. Provide https://anypoint.mulesoft.com against Base URIs or leave it blank. Login Redirect URI is of following format – https://anypoint.mulesoft.com/accounts/login/{{domain}}/redirect

Note: {{domain}} is organization-specific, to retrieve that, login to Anypoint Platform -> Access Management -> Organization > Click on the organization name and copy the Organization Domain.

4. Finish the process and take note of the client ID and Secret displayed at the next page’s bottom.

 

 

okta-idp-app-id-secret

5. From the top menu bar, go to API -> Authorisation Servers

 

okta-idp-auth-server

 

Click on default.

6. Clicking on Metadata URI will open a new tab with JSON payload listing Authorization and token endpoint, which will be used in the platform to set up the Identity Provider.

okta-idp-auth-server-uri

Configuring MuleSoft AnyPoint Platform

1. Log in to the platform, and navigate to Access Management > Identity Provider

okta-idp-platform-sso

2. On the next screen, click on Use manual registration and enter the Okta application’s client Id and secret.

okta-idp-platform-config

To test the setup

Once the MuleSoft Anypoint platform and Okta setup are done, we can test the SSO functionality by browsing URL https://anypoint.mulesoft.com/accounts/login/{{domain}} which will be redirected to the Okta login page instead of Anypoint platform one.

Adding User

New users can be added to the Anypoint platform from Okta instead of inviting them from Access Management.

To add new user login to your Okta account, navigate to Users -> People -> Add Person

okta-idp-add-user

Provide the required details. The added user can navigate to the login URL and sign in.

 

Leave a comment

Your email address will not be published. Required fields are marked *