Reference Guide
...
Multi-Factor Authentication
External MFA Providers

Okta MFA Integration

4min

For Okta integration, users should log in to Okta with the email addresses defined in Single Connect. After logging in to the Okta portal, token verification can be done through different verification methods.

Okta Verification Methods
Okta Verification Methods

  • To use the Okta verification method, users must download the Okta Verify mobile app. Okta Verify should be activated from the user portal settings area, followed by a scan of the barcode that appears on the portal’ mobile application section.
  • Users should also download the Google Authenticator mobile app if they wish to use the Google Authenticator method. The Google Authenticator should be activated from the user portal settings area, followed by a scan of the barcode that appears on the portal’ mobile application section.
Okta Verify Barcode Viewer
Okta Verify Barcode Viewer

Google Authenticator Barcode Viewer
Google Authenticator Barcode Viewer


Single Connect integrates with Okta via API, as long as certain parameters are defined in Single Connect:

  • API key (the API key is created by Okta for each customer environment)
  • URL (the URL is unique for each customer environment)

To adjust the Okta Integration Settings:

  1. Navigate to Administration > System Config Manager.
  2. Set the following parameters: mfa.provider=okta (default: internal) mfa.external.provider.okta.apikey=xxx (encrypted) mfa.external.provider.okta.hostname mfa.external.provider.okta.factor={token:software:totp, sms, push} (default: token:software:totp) mfa.external.provider.okta.totpprovider={google, okta} (default: google)
  • With Okta enabled, the token can be sent in different ways:

token:software:totp

Token in the mobile app is used. (Okta Verify or Google Authenticator)

SMS

Token is sent by SMS.

Push

Verification is confirmed from the mobile application. (Okta Verify)